The note-taking service issued a statement on its site, saying that no stored user content or financial data was changed or lost, but that hackers gained personal information including usernames, passwords and email addresses.
Though they were accessed, passwords stolen in the breach are protected by one-way encryption.
Though they were accessed, passwords stolen in the breach are protected by one-way encryption. The encryption makes it more difficult for hackers to crack the content, but Evernote users are still vulnerable.
Users will be prompted to change their passwords the next time they log in, and the change affects all other Evernote apps. The company’s security team first detected “unusual and potentially malicious activity” on Feb. 28th, The Verge reports.
Evernote says they are releasing updates to several of their apps to make password changing easier for their users.