LONDON – Online note-taking service Evernote Corp. has been hacked and is resetting all its 50 million users’ passwords as a precaution.
The Redwood City, California-based company said in a post published late Saturday that an attacker had been able to access sensitive customer information and that every user would have their account reset “in an abundance of caution.” In a follow-up email sent Sunday, the company said it believed the attack “follows a similar pattern of the many high profile attacks on other internet-based companies that have taken place over the last several weeks” — an apparent reference of recent breaches at Facebook Inc., Twitter Inc., and Apple Inc.
However the company said the attack did not appear to be linked to Java, a commonly used computer programming language whose weaknesses have been used as springboards for other recent hacks.
Evernote said the attack, which it described as “sophisticated,” was able to compromise an unspecified number of customers’ encrypted passwords. Decoding such passwords can be difficult but possible.
The company said it has seen no evidence that any customer data had been tampered with or that any payment information had been compromised.