Note-taking service Evernote has reset all passwords after coming across suspicious activity in secure areas of it’s service.
Evernote’s blog has reassured us that no “payment information for Evernote Premium or Evernote Business customers was accessed” and “have found no evidence that any of the content you store in Evernote was accessed, changed or lost”.
Here is the official explanation of the security breach:
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)
Loging in evernote.com will bring up a password reset notice and once you do so you can continue to enjoy the service as you previously would.
Evernote will also release updates to it’s native apps across various platforms to assist the password reset. Their cautious approach has ensured that no user data was intercepted and modified.