Evernote Corporation, the renowned provider of online note taking services, was hacked and is now resetting all of its nearly 50 million users’ passwords in order to avoid any further hacking incident. A hacker accessed sensitive customer’s information, according to the company, and this calls for every users' account to be reset "in an abundance of caution."
As per an email sent by the company, the attack- "follows a similar pattern of the many high profile attacks on other internet-based companies that have taken place over the last several weeks." A clear reference to the recent attacks on Facebook Inc (NASDAQ:FB), Twitter Inc., and Apple Inc. (NASDAQ:AAPL).
The company, however, clarified that the attack was not linked with the Java, which is a most commonly used computer language, whose loopholes have been used as a platform for some recent hacks. The company has no proof that any of its customers' data have been tampered with or that any payment information had been compromised.
Evernote, in order to rebuild confidence in its users, said that although passwords may have been hacked, it had only a minor effect on its content because the company had used “one way encryption” (hashed and salted) to protect the data. This implies that attackers would have been unable to hack the information to steal the actual password
"As a precaution to protect your data, we have decided to implement a password reset," Evernote said, noting the decision reflected an "abundance of caution."
Through the services of Evernote, users make lists, store notes and organize personal information such as video clips, web pages, and itineraries stored in the cloud. There are around 50 million Evernote users.
Evernote generated an email to its users in which it advised them to create a new password after getting logged in with their original credentials. "Once you have reset your password on evernote.com, you will need to enter this new password in other Evernote apps that you use," the email said, such as on mobile devices. The company is updating its app to ease the password changing process.
Evernote gave some common practical tips to its users in the email. It advised them not to keep easy passwords based on words found in the dictionary and never keep the same password for multiple sites or services.
"As recent events with other large services have demonstrated, this type of activity is becoming more common," Evernote said.