Hacked by someone with another IP address

[Sazyua 0]

Today, I opened up Evernote and was greeted with a screen saying I have reached my limit of 2 devices and that I was trying to add another one, making me remove one. This is odd because I only have 2 devices. Upon further inspection of my activity log, it seems an IP address under 94.143.232.134 in Czech Republic using an Android device has reached into my account and made their access as my #2 device. This means while I am using device #1, they will be behind the scenes using my #2, looking at my notes. I am from Georgia, United States and I do not own any Android devices. 

I changed my password and enabled two-factor-verification. Can someone at Evernote please give me back one of my free device removals back and to make sure this account is removed from accessing my account after I changed my password? (I am worried that even though I changed my password, they are still in the device until they logged out. ) I did remove their account using my free removal one. 

It's funny because Evernote's Access History states "As part of our continuing efforts to improve security in Evernote, we are now sending an email notification when a login anomaly is detected." Yeah, Evernote.. Georgia, United States and Czech Republic are totally legit places to be considering the distances and definitely not "anomaly" at all. I guess Evernote got confused with Georgia, the COUNTRY. Maybe that explains why they thought Georgia and Czech Republic was reasonable. All jokes aside, I did not receive any e-mail notification when a login anomaly was detected. Spam did not have it either. 

If this is because of the ice storm in Texas and that there is a lack of technical support or security support due to it, then my heart goes out to the team, but this is still a huge security issue. Even those who use their platform for free have every right to privacy protection.  

[AnnaDoe777 0]

Same thing happened to me on Monday AM. I live in North America, Time zone: GMT-5 and I couldn't access my Evernote Web account because I supposedly have reached the 2 devices limit. I checked my profile and saw that 12h before, an Android device from Malaysia was added to my account. I immediately removed it, changed my Evernote password, the email address I used to login as well,  and spent the whole morning changing my passwords on various websites. Why? Because I have been using Evernote for 10 years and there are tons of sensitive information in my account. Sure, they are encrypted but it is the same catchphrase for all my notes.

Anyway, migrating to a different platform!

PS: I knew something was fishing because exactly 12 hours before, I got a Spotify notification about a weird login from a different country. So, I know that my email address and password have been used accross different platform

I checked these 2 websites: https://haveibeenpwned.com/ and https://sec.hpi.de/ilc/, and sadly found out that my credentials were compromised despite Google Checkup and BitDefender Account Privacy saying the opposite.

Go figure!

[StevenJames122 0]

The first step you've taken, changing your password and enabling two-factor authentication, is a good one. Additionally, you can consider using a service like https://apiip.net/ to geolocate the IP address involved in hacking. Evernote should have sent you an email notification when a login anomaly was detected, but it seems that it did not. It's important that you contact Evernote's customer support and ask for assistance in this matter. The company should be able to help you remove the hacker's device from your account and ensure that your account is secure.

[PinkElephant 8,077]

The main issue is that you have been using the same login data for different accounts.

You can move to any service - if you don’t employ better account security, it will happen again.

Get yourself a password manager, and change every single account to a different, unique, strong password. Wherever possible and reasonable, add 2FA.