A popular online note taking application, Evernote is the latest victim of cyber attacks after Microsoft, Apple and social networking site Twitter. Other than technology giants, high profiles which were recently hacked include the New York Times, Wall Street Journal and The Washington Post. Evernote asked its users to change their account passwords immediately after this security breach.
According to company officials, the request to change the passwords of Evernote user accounts is made after the discovery of suspicious activity on the company’s network. Evernote revealed that recently an attempt to enter the protected areas of cloud service, where users keep their data, had been noticed. However, the latest updates show no sign of data being accessed, changed or lost.
In a statement from Evernote, users were notified “As a precaution to protect your data, we have decided to implement a password reset“. Evernote also mentioned, “The investigation has shown that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords”.
“Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption”.
Evernote cited that the decision to ask users change their password is just an “abundance of caution”. “As recent events with other large services have demonstrated, this type of activity is becoming more common. We take our responsibility to keep your data safe very seriously, and we’re constantly enhancing the security of our service infrastructure to protect Evernote and your content“.
According to the notice, the accessed passwords by hackers were “hashed and salted”, an industrial technique to make passwords secure. The company security specialists haven’t found any compromise in the users’ payment information or the notes put up by users in the cloud. The cyber security team successfully stopped the hackers at the initial stage only.
The repeated cyber attacks on companies one after another are putting companies and state agencies into immense pressure to disclose when they’ve been hit by hackers.
An editorial published in the New York Times last week complained about “an eerie silence on cyber security” and urged companies to come forward. According to the newspaper, “Recent evidence suggests that cyber assaults against corporate and government systems are becoming more frequent and more sophisticated. Bringing these assaults into the open can make everybody more secure”.
Evernote representative stated that the company’s security breach is similar to the pattern found in high profile attacks on other companies over the past few weeks.