Evernote, the popular software package designed for taking notes, archiving and doing research, was the subject of a hacking incident recently.
The intrusion, which targeted user passwords, gained access to useful information such as email addresses, passwords and username, has forced the company to caution all it’s users and informed them to change their passwords.
The company’s operation and security team confirmed that it was a coordinated attempt to break into the secure areas of the Evernote service.
This is an excerpt from Evernote’s blogpost :
“In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.”
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)
“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords.”
The hacking incident is one of the latest in the recent string of attempts against high profile companies including Microsoft, Apple, Twitter and Facebook.