Evernote hacked! Over the weekend, the note-taking service Evernote revealed that due to a breach of their security by a hacker, they have now issued a site-wide password reset to all its 50 million users to combat the security breach.
Evernote explained in their announcement that the security team at Evernote had discovered and blocked suspicious activity on the Evernote network. The Evernote hacked alerts appeared to indicate a coordinated attempt to access the secure areas of Evernote, says Evernote.
Details of the Security Breach
As a precautionary measure, Evernote has now decided to implement a password reset for every user of their service. They have found no evidence that any of the content in Evernote was accessed, changed, or lost. Also, no payment details were accessed by the hack. However, Evernote explains:
“The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts, and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)”
This means that while the hackers did manage to obtain some user information, the passwords were encrypted in a way that makes it extremely difficult for them to be decrypted. Hashing and salting are common practices in cybersecurity to ensure that even if data is accessed, it remains secure.
Steps Taken by Evernote
Evernote’s swift response to the breach is commendable. By resetting passwords for all users, they are ensuring that any potentially compromised accounts are secured. Users are advised to choose strong, unique passwords to further protect their accounts. Evernote has also provided detailed instructions on how to reset passwords and has encouraged users to enable two-factor authentication for an added layer of security.
For more information on the Evernote breach and resetting your password, jump over to the announcement which was published over the weekend for more details.
Implications and Best Practices
This incident serves as a stark reminder of the importance of cybersecurity. Even well-established companies like Evernote are not immune to attacks. Users should always be vigilant and proactive in protecting their online accounts. Here are some best practices to follow:
1. Use Strong Passwords: A strong password typically includes a mix of letters, numbers, and special characters. Avoid using easily guessable information like birthdays or common words.
2. Enable Two-Factor Authentication (2FA): This adds an extra layer of security by requiring a second form of verification in addition to your password.
3. Regularly Update Passwords: Changing your passwords periodically can help protect your accounts from unauthorized access.
4. Be Wary of Phishing Attempts: Always be cautious of emails or messages asking for your personal information. Verify the source before clicking on any links or providing any details.
The Evernote hack is a significant event that highlights the ongoing challenges in the realm of cybersecurity. While Evernote has taken appropriate measures to address the breach, it is crucial for users to remain vigilant and adopt best practices to safeguard their information. By staying informed and proactive, we can collectively enhance our online security and mitigate the risks posed by cyber threats.
Source:
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.