According to the service, hackers can not access the account for payment of commercial accounts and does not have access to user information stored on Evernote.
However, the attackers gained access to logins, addresses, encrypted passwords and other information of a private nature. The company says that the system implemented by storing passwords Evernote so that passwords are hashed and the actual password in the system, there is only a hash function, the possession of which does not provide access to the most password. However, in Evernote decided to reset passwords for 50 million users whose accounts are in the hands of criminals.
Note that the breaking of Evernote occurred just days after a series of computer hacking in company Apple, Microsoft, Twitter and Facebook. These companies reported that the hacking was carried out with the help Vulnerability in Java, which Oracle over the past four and a half months already updated, and each time extra.
In Evernote not informed that it was the cause of the attack and how the hackers managed to realize insight into the private part of the system. Said in a statement that "suspicious activity" was blocked already in fact, that is when the attacker has already wielded in the system. According to the security department Evernote, the attack was "like a coordinated attempt to gain access to protected data service Evernote".
"During the investigation we found no evidence that any of the information in your account Evernote is now available to third parties, altered or removed. We also found no evidence that the payment information of users Evernote Premium Evernote Business or become available to third people, "- said in Evernote.
"As an additional precaution, we decided to reset the password to the account Evernote for all users. After login you will be asked to enter your new password. After resetting the password on the site Evernote, you will need to enter a new password in another application Evernote, you are using. We also issued updates for several of our applications that simplify the password change. As recent events with more services, such actions are becoming more common, " says the letter to service users.
Links:
Online note service Evernote latest firm to get hacked
Online note-taking service Evernote hacked
No comments:
Post a Comment