Evernote resets over 50 million passwords after hackers invade its system
Brian Mains, WCPO Digital
9:05 AM, Mar 3, 2013
Another Internet based company found itself the target of hackers.
On Saturday Evernote, the online tool that lets its over 50 million user save and access information they store from smartphone and tablet apps and laptops, reset all user passwords as a precaution after discovering suspicious activity on its servers.
"In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost," the Evernote team wrote on its blog at www.evernote.com.
And while hackers may not have accessed content stored in accounts, the Evernote team did indicate individuals were "able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords."
Once Evernote discovered the invasion, the team took necessary measures to block the hack, and the additional step of resetting all passwords, it said on its blog statement.
Evernote has become the latest in a recent series of web-based services to see it security measures broken and user information taken, opening those users to further possible security risks online and off.
The Associated Press reported in February on a hack of the systems that operate Facebook, a social website with over 1 billion users worldwide.
Though no personal data was accessed in that attack, such an incident highlights how hacks of large online user-bases services is becoming more common, Evernote stated.
Additionally, a hack accessed user emails and information from Zendesk, an online service who manages costumer software support for social media services such as Tumblr, Pinterest and Twitter, according to TechCrunch, a news website covering the Internet and social media.
TechCrunch stated in its own story of Evernote's hack that the Evernote team began noticing signs of hacking on Feb. 28 before deciding to take the additional step of a massive password reset for its users.
On the Evernote blog post announcing the hack of its site the company gives its users the following recommendations:
Avoid using simple passwords based on dictionary words
Never use the same password on multiple sites or services
Never click on 'reset password' requests in emails — instead go directly to the service