Possible security breach!

[NikosAng 0]

Has anybody noticed recently unauthorised access to their account?

I just noticed that there was access to my account from Indonesia (i have not been there for almost 20 years) from an iPhone (never had an iPhone in my life) on 22 Oct.

This is potentially a serious incident!

[DTLow 5,736]

7 hours ago, NikosAng said:

Has anybody noticed recently unauthorised access to their account?

I just noticed that there was access to my account from Indonesia (i have not been there for almost 20 years) from an iPhone (never had an iPhone in my life) on 22 Oct.

This is potentially a serious incident!

There's various reports.

Recommendation is to have a strong password that isn't shared with other services.
Also, implement 2 Factor Authorization.

[SandyD_KS 0]

I actually just came to this forum for this same question.  I just noticed in my Access History that my account was accessed from IP addresses in Venezuela, Illinois and Pennsylvania on Oct 8, 12, 22.  I was never physically in those locations.  I was however flying through ATL on one of those days. 

I just changed my password.

For the Illinois and Pennsylvania access it says access was from my iphoneX.  From the Venezuela is says from "iphone". 

 

[tresca@uol.com.br 0]

I am facing the same trouble. On october 30th, 2018 my account was accessed from Indonesia as per Access History. I am in Brazil. 

[kevin_rowlands 0]

I had the same problem today. My account was accessed from a 3rd device in Austria. I am in the UK.

How was this allowed by evernote-I cannot do this without going premium or removing a device.

And why was I not notified when this had occurred?

Evernote have some serious questions to answer here-needless to say 'support' are not replying to my emails.

[Ed Sazo 0]

I noticed a security breach as well. My data was access via unidentified IPhone in China. I have notified Evernote security. It happened around the same time frame of Oct 22. I will post what I get as a reply from security.

 

[Ed Sazo 0]

I got reply from Evernote... seems like a generic response. I have already taken measures for intrusion and monitor closely. -Ed

"Hi there,

Thank you for contacting Evernote Customer Support. My name is Cian and I'll be happy to help you today.

I understand you are concerned about account security.

The Evernote service is secure and we want to make sure you take the necessary action to secure your account. There are a few ways someone other than you could have learned the password to your account:

• If you use the same password on Evernote that you use on another site, it may have been taken from a site not associated with Evernote. You may want to check a security breach site (like https://haveibeenpwned.com/) for details on security breaches from other companies that included your email so you can review and take action.
• If your password was taken from your computer or another computer you used to log in to your Evernote account. If you aren't using malware detection software, we recommend you download Malwarebytes to check and clean your computer.
• If you received an email that appeared to be from Evernote but linked to a website (not www.evernote.com) that prompted you for your password. You may have been the victim of a phishing attack. Please forward us a copy of the email or link to security@evernote.com so that we can investigate it.

Unfortunately, we don't have the resources to tell you whether someone accessed your content or which specific notes they accessed. We've discovered in the past that some unauthorized individuals have searched accounts for passwords and cryptocurrency keys. If you have any in your account, someone may have copied them.

To make sure your account is secure, please do the following:

1. Change your password immediately. Choose a unique password that you don't use on another website.
2. Review the authorized applications and access history for your account. Revoke access to any applications that you are suspicious of or that have accessed your account from an IP address you don't know.
3. Set up two-step verification on your account as an additional layer of security.
4. Encrypt sensitive text inside your note. When you encrypt text in a note, a separate password will be required to view the text, even if someone, including you, has access to your account.
5. If you stored any sensitive data in your account like passwords, credit card numbers, or cryptocurrency keys, you should consider changing them to stop or prevent misuse.

I hope this helps! Please let me know if there is anything else I can do for you.

Sincerely,

Cian La Grue

Customer Service Representative"

[zotje 12]

I've noticed that checking the access history, my iphone can have some connections from strange locations.  I have a pretty distinct naming connection for my device, so I am not too worried as long as it tells me it is my device.  I notice that the IP address are all owned by AT&T mobile, which makes me think it's just dynamic IP addresses that AT&T assigns and reassigns constantly to phones.   I do recommend the 2 factor, I've had that since the day evernote added that functionality. 

[luciea 0]

Same here, just noticed an access from an iphone in Ukraine last night. Such a security breach is quite worrying!

[GrumpyMonkey 4,319]

Please report this to customer support. It might be unauthorized access to your account due to any number of reasons — not necessarily a security breach at Evernote (actually, at Google, because EN is using their servers now). The more information customer service has, the sooner they can help you out. In the meantime, it never hurts to change your passwords (random, long, and unique—use different ones for every site). A password manager is helpful for this.

[Prashant P 0]

I have two accounts and both accounts have unauthorized access. I've reported this to Evernote... waiting on their response.

[GrumpyMonkey 4,319]

Please see the thread announcing an ongoing attack / attempt to access accounts using passwords obtained from some other service.