
Account Hacked - No Notification of Suspicious Login Activity


AP123

Idea

It appears that on 8/29 my account was hacked.  I only became aware of this when I logged in and was told that I was exceeding the 2 device limit.  I revoked access to the iPhone, and changed my password.  But obviously I still feel like all of my personal information contained in Evernote may have been stolen.

While I understand Evernote can't protect against someone logging in with my account if they somehow figure out my password, it would have been nice to receive a verification email of some sort when a new device logged in. Or when I suddenly log in from Japan on a device I've never used before. I feel security analytics of this sort is fairly common these days and should be implemented in Evernote.

I know there is also 2 step verification I can enable, but that shouldn't be necessary to be alerted to a suspicious login. That should be standard.

Link to comment

12 replies to this idea


As I think this through even more, I'm realizing that if I had been a paid customer with no device limit, I wouldn't have ever been alerted to this hack unless I happened to visit my account history.

Link to comment

This has just happened to me. Glad to see they cared enough to respond to your post. I'm going to have to go through changing my passwords for everything now...joy! I only discovered because of the 2 device limit too, and was also hacked by an iPhone (in Egypt - I live in the UK and don't have an iPhone). It feels like someone's reading my personal life or could have downloaded the whole thing! Do you think these are bot hackers or genuine people going through our stuff? It does not feel good and is making me rethink the fact that I have my whole life on Evernote.

Link to comment
21 hours ago, Swirley said:

This has just happened to me. Glad to see they cared enough to respond to your post. I'm going to have to go through changing my passwords for everything now...joy! I only discovered because of the 2 device limit too, and was also hacked by an iPhone (in Egypt - I live in the UK and don't have an iPhone). It feels like someone's reading my personal life or could have downloaded the whole thing! Do you think these are bot hackers or genuine people going through our stuff? It does not feel good and is making me rethink the fact that I have my whole life on Evernote.

I just received an email about a suspicious login. The strange thing is the login was from August 30 from an iPhone in Tokyo.

Have no idea how they send an email over 1 week later.

Is there any update on this as to whether it could possibly be a bot? I am pretty worried about this.

Link to comment

Update:  I received an email about a new login on 9/7.  The date of the new login in the email was 8/29, from Japan.  So the alert went out more than a week after the login.

Today, I was just forced to change my password again, due to the suspicious activity.  I logged in and checked my access history again, thinking maybe it happened a second time.  There is nothing new, just the August 29th Japan login.

Basically, I found this and fixed it myself, then Evernote "found" it for me a week later and "fixed" it for me by making me change my password a second time.

I don't mean to be a jerk about this.  I do enjoy using Evernote, and I use it for free after all.  But there is certainly some room for improvement on these security measures.

Link to comment
On 9/6/2018 at 3:48 PM, Swirley said:

This has just happened to me. Glad to see they cared enough to respond to your post. I'm going to have to go through changing my passwords for everything now...joy! I only discovered because of the 2 device limit too, and was also hacked by an iPhone (in Egypt - I live in the UK and don't have an iPhone). It feels like someone's reading my personal life or could have downloaded the whole thing! Do you think these are bot hackers or genuine people going through our stuff? It does not feel good and is making me rethink the fact that I have my whole life on Evernote.

They didn't reply, that was just me replying to my own post.

I'm also rethinking using Evernote going forward.  At least not for anything sensitive.  Unfortunately any cloud based note tool might be just as vulnerable.

I hope the logins were just bots, and I was able to reset my password quickly enough.  But really who knows.

Link to comment
1 hour ago, AP123 said:

At least not for anything sensitive. 

I have no concern about storing sensitive data in Evernote.  Of course I make sure it's encrypted.

Link to comment
19 hours ago, DTLow said:

I have no concern about storing sensitive data in Evernote.  Of course I make sure it's encrypted.

If someone has your login, possibly obtained via an Evernote hack that they have not disclosed, it doesn't matter how encrypted your data is.  Several people here commented that the exact same thing happened to them during the same time period.  I also have no reason to believe my login was compromised in any other way.

And if nothing else, Evernote warning its users a week+ later about suspicious login activity should alarm you.

Link to comment
On 9/12/2018 at 10:46 AM, AP123 said:

it doesn't matter how encrypted your data is

Please provide details.
My encryption uses AES (Advanced Encryption Standard) with a 128-bit key.
My understanding is that no one will be able to read my encrypted data.

>>possibly obtained via ...

Do you have new information on this?

The information above is that there was a login with userid/password.
Evernote even logged the device used.

We're still not clear where the userid/password was obtained from.

Link to comment

I was hacked by someone in Korea and Evernote does not seem to care. Sent them screenshots with the person's IP address in Korea. Hacked by iPhone and also found out by device limit. I am so upset I was not notified and there has been only a canned email response referring me to this community. Ended up unsyncing my device and wonder how much information was stolen from October 8th. My previous password was not simple so I am concerned about this app not being very secure at all. Why are so many getting hacked? Are they going to take this seriously and do something about it? They have the device information of the person who hacked me. Obviously I changed my password immediately when I figured out what happened but the damage is already done! Everyone needs to check under settings to see if their accounts were hacked, revoke anyone who has accessed it and remove all devices that have accessed your account that are not yours!!

Link to comment

This is obviously serious, and needs to be looked into, but I am not so sure about "hacked." There are several very easy ways to gain access to someone's account (in any service), and one of those is to try out passwords / login details obtained from a hack of any service, even if it is totally unrelated to Evernote, because people often re-use the same password across sites. This is probably going to be done by a "bot" of some kind, so no amount of human speed is going to help you out. And, I wouldn't be surprised if they use a VPN, which masks their identity by routing their connection through a server in another country.  VPNs are pretty common, and the IP address probably doesn't tell us a whole lot about where the person actually is -- it could be your next-door neighbor or the person sitting next to you in the coffee shop just using a VPN.

"Hacking" an account (to me) implies some sort of problem with the service. Gaining unauthorized access seems the most appropriate. It's a minor distinction, but making it reminds us about the need to regularly change passwords, use two-factor authentication whenever possible, use random passwords, make our passwords long, and make them unique.

I agree that a notification would be nice :)

Link to comment
On 10/15/2018 at 6:43 PM, MyVoice said:

Everyone needs to check under settings to see if their accounts were hacked, revoke anyone who has accessed it and remove all devices that have accessed your account that are not yours!!

Hacking detection is a great idea.

However, the accounts are being accessed with userid and password; no hacking required.
Users can implement 2-factor authorization so unknown devices can be identified.

Link to comment

Archived

This topic is now archived and is closed to further replies.
