Online note-taking site Evernote is the latest high-profile Web firm to get hacked after the company reset all of its near-50 million users’ passwords following the discovery, and subsequent blockage, of suspicious activity on its network. Users will be promoted to enter a new password when they log in to the service. There’s good and bad news here. Firstly, the bad, Evernote says that some user data was accessed –  including usernames, email addresses and encrypted passwords — but it says that all passwords are hashed and salted. That’s a big deal and it makes them less easy to crack, and therefore less likely to be used to hack into other services. On the positive side, Evernote says that it has “no evidence” that payment details were collected nor, it says, was any user data “accessed, changed, or lost” despite the intrusion. All users have been emailed and Evernote says it is updating its apps “over the next several hours”, as part of its security effort. The company is already winning praise for the way that it has approached this issue, being fully transparent with its details and wholly careful by enacting a full password reset. That’s refreshing in an age when many companies are less clear when dealing with issues of cyber security. “As recent events with other large services have demonstrated, this type of activity is becoming more common. We take our responsibility to keep your dat
Evernote resets all passwords after intrusion: User data accessed, but payment details untouched
Evernote resets all passwords after intrusion: User data accessed, but payment details untouched
tehnology
Subscribe to:
Post Comments (Atom)
Comment