The company released a security notice asking all its users to change their passwords. Few details surrounding the hack were made public. It was confirmed that the attackers were able to browse and list accounts associated with Evernote.
Having access to emails, usernames and encrypted passwords of over 50 million users is quite something. Even if passwords use one-way encryption it is possible to reverse the encrypted password back to its unencrypted form via special techniques. This is probably one of the main reasons why the company reset the password for each account and is now asking its users to change their passwords.
Evernote explains that there was no evidence to suggest that the hackers managed to get even more sensitive information regarding its users. According to a statement posted on Evernote’s website the company said: “We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.”
It was hinted that the recent attack is somehow similar to past cyber attacks aimed at other big sites in recent weeks.