Evernote responds to hack attempt by resetting all user passwords

Evernote, the cloud-based note-sharing app and service, has announced in a blog post that they have observed and blocked suspicious activity on their network. As a result, all user passwords have been reset. According to the update:

The investigation has shown… that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)

The post goes on to explain that Evernote has no evidence that any user content was accessed, changed or lost, or that any payment information for Evernote Premium users was accessed.

In order to resume use of your Evernote account and apps, and to access your stored information, you’re going to need to reset your Evernote password, and that can only be done through the website, http://www.evernote.com.

Watch for additional announcements and updates to all apps to facilitate the password reset and address any additional security concerns.

This is just the latest in a series of high-profile security breaches or attempts. We have talked many times about the importance of using secure passwords and implementing a common-sense approach to what information you store on the cloud. Take a moment now to log in and reset your Evernote password, and be sure to choose a password that is at least 8-10 characters and is not a simple word.

Do not panic. While security issues are a continuing and growing concern, this should not preclude you from taking advantage of prevalent technology and tools! If you have specific questions on how to use or not to use specific tools and apps, please post them in the comments below.