EverNote Latest Site Hacked In Coordinated Attack

The online personal and business productivity service Evernote.com said on Saturday that it is the victim of a hack that exposed encrypted user password information, forcing password resets across a broad swath of the service’s 50 million registered users.

Online note sharing service Evernote said it was hacked and user passwords stolen.

The Redwood City, California-based firm revealed in a blog post that its internal security team discovered “suspicious activity on the Evernote network” that “appears to have been a coordinated attempt to access secure areas of the Evernote Service.” The company said it sent password reset messages to its users as a “precaution” but didn’t believe that stored information in users’ accounts or payment information had been exposed.

The hack is just the latest of a prominent online firm. In recent weeks, Twitter, Facebook, Apple and Microsoft have all reported compromises of their internal networks. Those intrusions were linked to attacks aimed at developers and relied on exploits of previously unknown “zero day” vulnerability in Oracle’s Java software and web based attacks through so-called “watering hole” web sites.

At Evernote, attackers were able to gain access to user information including usernames and email addresses associated with Evernote accounts. The company said the passwords were hashed – encrypted using a one-way encryption algorithm – and “salted” with random data to guard against automated, brute force attacks.

It’s not known, yet, how the company was hacked or whether there is a connection to the attacks on other prominent, online firms. In its statement, Evernote said that “recent events with other large services” demonstrate that”this type of activity is becoming more common,” but did not indicate that the attack was linked to those on Twitter, Facebook, Apple and others.


News of the attack comes amid warnings about online attacks linked to yet another critical vulnerability in Oracle’s Java. On Friday, the security firm FireEye said that its researchers had identified a new Java vulnerability that was used to attack “multiple customers.” Attacks were launched via web sites against browsers running the latest Java updates, the company said.

Evernote is privately held and has received venture funding from top firms, including Meritech Capital, CBC Capital, Sequoia Capital, Morgenthaler Ventures and DOCOMO Capital. A request for comment from Evernote was not immediately returned.