The problem with relying on cloud services is that they are prime targets for hackers. Earlier today, popular note-storing service Evernote acknowledged that it had detected "suspicious activity" on the network. In its blog post, Evernote specified that the intruder(s) had only gained access to account details, including usernames, email addresses, and encrypted passwords. The announcement further clarified that passwords are protected with one-way encryption, a process where a password is first salted and then hashed to make decryption extraordinarily difficult. The company also states that no content (stored notes and pictures) or payment information had been compromised. Aside from email addresses, the wrong-doers failed to get anything particularly valuable.

Evernote is taking additional precautions by initiating a reset of all user passwords and releasing an app update to streamline this process. After the new version is installed and attempts to sync, it will post a notification about an authentication error. Simply open the application and follow the prompts. Once the password has been changed, each app will have to be re-authenticated to resume syncing.


Source: Evernote