Evernote Reports Hacker Security Breach, Change Passwords Now

rated by 0 users
This post has 1 Reply | 0 Followers

Top 10 Contributor
Posts 25,818
Points 1,166,455
Joined: Sep 2007
ForumsAdministrator
News Posted: Sat, Mar 2 2013 3:29 PM
Another day, another security breach. This time it’s Evernote, the popular cloud-based “remember everything” service whose product offerings have increased substantially recently to include business-oriented tools.

According to a post on Evernote’s website, the company spotted some suspicious activity: “Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.”

Evernote password change

Because of the breach, the company recommends that all users reset their passwords. Evernote says it will make this process a bit easier by updating several of its apps, and it posted some pro tips for password and account security; really, everyone should know these by now, but here they are:

-Avoid using simple passwords based on dictionary words
-Never use the same password on multiple sites or services
-Never click on 'reset password' requests in emails — instead go directly to the service

Although the hacker(s) did gain access to some Evernote usernames, email addresses, and passwords, apparently no payment information was compromised, and the passwords were all hashed and salted.

Now if you’ll excuse us, we have to change our passwords, too.
  • | Post Points: 35
Top 10 Contributor
Posts 5,053
Points 60,700
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Sat, Mar 2 2013 6:33 PM

>> and the passwords were all hashed and salted.

Nothing to see here, move along.

I'm not even going to change mine. I use unique passwords for every site, so if they crack mine (which they shouldn't be able to do if they were actually salted)... they have access to a service they already hacked... on which I've only stored a couple of test notes because I don't really see the appeal of the service.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • | Post Points: 5
Page 1 of 1 (2 items) | RSS