February might be over, but the recent string of hacking attacks continued into March, with the news that Evernote was struck.
The popular note-taking app announced that hackers broke through its security system on Saturday, and that it would require all 50 million of its users to reset their passwords as a precaution.
Writing in a company blog post, Evernote's Dave Engberg said there was no evidence any user content was accessed, changed, deleted or lost. There was no sign that payment information for Evernote Premium and Evernote Business users had been stolen. Still, things like email addresses and usernames were retrieved, and the password reset is described as a necessary safeguard against future cyber attacks.
"The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords," wrote Engberg. "Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption."
The post goes on to say that users need to sign in to evernote.com and change their password.
"After signing in, you will be prompted to enter your new password. Once you have reset your password on evernote.com, you will need to enter this new password in other Evernote apps that you use. We are also releasing updates to several of our apps to make the password change process easier, so please check for updates over the next several hours," the post said.
Engberg also warned users to keep an eye out for future emails that suggest resetting their passwords through links, and gave a few tips for creating new passwords.
- Avoid using simple passwords based on dictionary words.
- Never use the same password on multiple sites or services.
- Never click on 'reset password' requests in emails — instead go directly to the service.
Evernote is the latest company to be victimized by online hackers. Twitter was attacked twice in February alone, with Facebook, Tumblr, Pinterest, Apple and Microsoft all seeing security breaches as well.
(Edited by Lois Heyman)