Evernote Resets Everyone's Passwords After Intrusion - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure // PC & Servers
News
3/2/2013
11:57 AM
Connect Directly
Twitter
Facebook
LinkedIn
RSS
E-Mail
50%
50%

Evernote Resets Everyone's Passwords After Intrusion

After detecting a coordinated intrusion into their network, Evernote forced a system-wide password reset today. The attackers were able to access Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords.

Evernote's security team has detected a coordinated attempt to gain access to secured areas of their systems. So as to be safe, rather than sorry, they have forced all users to reset their passwords before proceeding to use the service.

Evernote Resets Everyone's Passwords After Intrusion
New password? What new password?
I noticed this myself this morning when I tried to load up Evernote on my Mac and got the message nearby that my password had changed and that I should enter the new one. This left me confused as I had not reset my password.

Then I noticed a post on Facebook from Evernote, which I received because I had Liked them, noting the system-wide password reset and linking to the blog entry on their site to which I liked just above. Other people also found the mechanism the company used confusing.

The blog notes that the attackers were able to access Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. They were not able to access payment information nor any user content. The passwords are salted and hashed; if that was done properly, they should be of no use to the attackers.

Evernote will also be releasing updates to their apps very soon to address the attack.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
News
What Comes Next for the COVID-19 Computing Consortium
Joao-Pierre S. Ruth, Senior Writer,  11/24/2020
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Slideshows
Flash Poll