All products featured on WIRED are independently selected by our editors. However, we may receive compensation from retailers and/or from purchases of products through these links.
Evernote is asking its millions of users to reset their passwords following an attempt to hack the note-taking network.
In a blog post acknowledging the security breach Evernote's chief technology officer, Dave Engberg, explained that usernames and email addresses had been accessed along with encrypted password information. "The individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords," said Engberg.
The hack attempt sees Evernote join the growing list of companies who have been forced to report security breaches in recent months including Microsoft, Facebook and Apple. However, without further details it's impossible to say whether the attack followed a similar pattern -- malicious software on employee computers -- or whether it was a separate incident. Wired.co.uk's request for comment had not been answered at the time of publication.
Despite the enforced password reset, Engberg was at pains to point out the data was still in a protected format: "Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted)" he said. The global password reset representing "an abundance of caution" rather than an immediate threat to user security.
Evernote's monitoring reportedly found no evidence that payment information for users of the business or premium services was tampered with but added that it was "constantly enhancing the security of our service infrastructure to protect Evernote and your content."
This article was originally published by WIRED UK
