Yet another company has fallen victim to a hack, with attackers breaking into systems at Evernote, maker of a Web-based note-taking application used by about 50 million people.
The company said in a security notice that some user data had been accessed and that Evernote was requiring all users to reset their passwords. Apparently, though, no sensitive financial information was stolen, and no user content was affected:
“In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost,” the company said in the statement, which was e-mailed to users and posted online. “We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.”
What was accessed, the company said, were usernames, e-mails addresses associated with Evernote accounts, and encrypted passwords. The company emphasized in the notice that “the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)” (Read More)