Massive Password Reset Following Suspected Evernote Security Breach
Evernote advises 50 million to change their passwords but says no content was compromised
Evernote, the developer of popular note-taking and organisation software, found suspicious activity in its networks over the weekend, prompting it to reset passwords for 50 million users.
The company says the measure is merely a precaution as it found no evidence of hackers accessing private user content or payment details.
Better safe
On Saturday, Evernote initiated a “service-wide password reset”, after the security team discovered a “co-ordinated attempt to access secure areas of the Evernote service”.
An investigation launched by the company soon discovered that an unidentified party was able to gain access to account information stored on the platform, such as user names, emails and encrypted passwords.
It is unlikely the attackers will be able to use the stolen data, since Evernote, abiding by good security practices, ‘hashed’ and ‘salted’ its passwords.
“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords,” explained the company on its blog.
Evernote said that it will update a range of apps in order to make the process of changing passwords easier. In an email, it also advised users on how to make their new passwords more secure.
This first appeared on TechWeekEurope UK. Read the whole story here.