Evernote, the cloud notetaking service has been hacked. The company disclosed today that an as yet unidentified hacker has compromised their servers and has made off with usernames, email addresses and passwords, though the latter are encrypted.
If you use Evernote then go and change your password now!
Evernote have responded quickly by instigating a mandatory password reset for all their customers – if you have an account you’ll be required to pick a new password next time you attempt to login. This would seem to be just a precautionary measure though as,
“In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.”
Evernote also said that the passwords, which are hashed and salted (read more on hashing and salting passwords), were first targeted back on February 28th –
“On February 28th, the Evernote Operations & Security team became aware of unusual and potentially malicious activity on the Evernote service that warranted a deeper look.”
If you are having trouble accessing Evernote’s web site then they are also keeping users up to date with the latest info via their Twitter account –
If you’re having trouble reaching our blog, you can read the same content on this page: ow.ly/id26O
— evernote (@evernote) March 2, 2013
Though nothing is certain I wonder if this has anything to do with the problems at Zendesk recently?