Jump to content

Security Update: Email regarding account security

Rich Tener

Recommended Posts

Hi folks, I lead the security team at Evernote.

If you, or the people in your network receive an email from Evernote mentioning that we’ve detected suspicious activity, please know that this is not a hoax or spam message; it’s from us.

The Evernote service and our apps are still secure; however, we discovered an unauthorized person testing a list of usernames and passwords that they stole from a site not associated with Evernote. If this person had the correct password for your account, they connected an iPhone app to it; and then used that app to search for cryptocurrency credentials.

You need to take some actions to protect access to your account. 

  1. Change your password to a unique one. Make it one that isn’t easy to guess. Make it one that you don’t use on another web site. Consider using a password manager to keep track of your passwords.
  2. Revoke any Authorized Applications that you are suspicious about or that accessed your account from an IP address you don’t know
  3. Install an anti-malware application on your computer and run it periodically to clean up any known malware.
  4. Setup two-factor authentication on your account, especially if you don’t want to use a unique password on your Evernote account. Then, even if someone learns your password, they won’t be able to access your account without also stealing your phone.
Link to comment


This topic is now archived and is closed to further replies.

  • Create New...