As with any popular service, there are going to be hacking attacks. On Evernote’s corporation news listing, the company said that it has been the subject of hacking attacks in the recent days.
On February 28th, the company’s security team was aware of an unusual and potentially malicious activity on the Evernote. When they took further inspection of the issue, they found out that the group of individuals gained confidential information, including email, account username, and encrypted (which were hashed and salted). Even though the company has discovered that user information has been leaked outside the company, the company believes that payment information were not exposed by the malicious activities.
Even though the group of individuals was able to get user information, the raw passwords are not expected to be discovered for a long time. This is caused by the company’s use of salting the hashes for the passwords. This makes the encrypted passwords even harder to decrypt than it already is.
As a precaution, the company is forcing all 50 million users to reset their password. Upon signing into their Evernote account, users are prompted to create a new password. Users will then have to log in with the new passwords to all programs connected to Evernote.
This is just a small part of a string of hacking attempts in the recent weeks. In the recent weeks before, malicious activities were reported Twitter, Facebook, and many other places. What would be next on the list? Only time will tell.