People that had their Evernote hacked, did they steal your info or identity?

[BobDole1 0]

I'm curious to know whether the thousands of people who had their Evernote hacked did they have a physical person snooping thru their info and stealing their identity, or was it only a bot attack that left you unaffected? Thanks

[Boot17 869]

Thousands of Evernote accounts have been hacked? Is this recent? News to me. Where did you see this at?

[agsteele 2,341]

There's is no evidence that this happened. The EN team investigated and found it was mis reporting of IP addresses used by proxy servers that EN uses

[PinkElephant 6,213]

3 hours ago, BobDole1 said:

I'm curious to know whether the thousands of people who had their Evernote hacked did they have a physical person snooping thru their info and stealing their identity, or was it only a bot attack that left you unaffected? Thanks

Any evidence ?

Else stop spreading unfounded rumors.

Thanks for nothing !

[zzzzzK 0]

someone at 1.36.172.185
(Central, Central and Western District, Hong Kong)  accessed my account today

[gazumped 10,331]

On 11/5/2021 at 4:54 PM, zzzzzK said:

someone at 1.36.172.185
(Central, Central and Western District, Hong Kong)  accessed my account today

https://help.evernote.com/hc/en-us/articles/115004395487-What-to-do-if-you-suspect-unauthorized-access-to-your-Evernote-account

[PinkElephant 6,213]

@zzzzzK Since the typical reason for this to happen is the (bad) habit to reuse login data like passwords, don’t forget to secure all other accounts as well once you made it for your EN login. Mail accounts first, then everything where somebody can spend money out of your pocket.

[Animamundi73 0]

On 10/1/2021 at 8:58 AM, PinkElephant said:

Any evidence ?

Else stop spreading unfounded rumors.

Thanks for nothing !

I have had my evernote hacked, and accessed after checking this today as it wouldnt open for me. Access history showed an Iphone regularly accessing my evernote account, always with an Iphone accessing it?? I dont own anything apple, and dont have an iphone. I have withdrawn their access permissions in my account settings. This is not made up and here are some pasted evidence for you, its not unfounded and perhaps the The EN team who investigated and found it was mis reporting of IP addresses used by proxy servers that EN uses could explain the different devices used? Im no IT expert and am convinced that a re route through different IPs could potentially show different countries, but this wouldnt then show in access history under a device thats not associated to the account. Password for evernote has been changed and ill monitor this. I have checked my Google account that I use for Evernote and this shows no evidence of any tampering. 

Evernote for Android Android-ZTE-MH-2913NPE	11/04/2021	72.255.43.159 (Lahore, Punjab, Pakistan)
Evernote for iPhone MHZLF 9987VTN	10/31/2021	183.83.190.161 (Chennai, Tamil Nadu, India)

 

 

Evernote for iPhone Evernote for iPhone J4GZQ 5143ubhg 11/09/2021 84.54.83.134 (Tashkent, Tashkent, Uzbekistan)

[gazumped 10,331]

8 minutes ago, Animamundi73 said:

The EN team who investigated and found it was mis reporting of IP addresses used

Hi.  Just to be clear - did Evernote investigate this for you?  If you have any queries about their conclusions,  you should take it up with them.  If you've followed the advice above, your access is now as secure as it can get.  As you have some dates,  you can check to see if any updated dates match this apparent access,  but it's impossible to discriminate between any actions or views that might be by you in person,  and someone else using your access credentials.

[DTLow 5,721]

1 hour ago, Animamundi73 said:

I have had my evernote hacked

Just to be clear, someone used your account id and password to access your account   
You need to do a better job at keeping your password secure

[PinkElephant 6,213]

... regarding the device, it is very easy to fake the type of device accessing an account. Probably a bogus iPhone is used, because it will look more innocent than a high powered server. Usually a server is behind attacks like this, running down lists of userIDs and passwords purchased from the dark part of the internet. Whenever a combination works, the breach is noted by the server and then followed up by hackers searching the account for valuable information.

... regarding the location, it is never the place where the hacker is located in reality - it is the place where the exit server of the VPN network is located the hacker is using. Since a lot of people use VPNs for legitimate reasons, the fact that a VPN is used can't be employed to identify illegal account access. It can as well be the account owner who places a VPN between himself and the internet. 

So make sure that you use a strong and unique password for every account, and enable 2FA for an additional layer of security.

[NotSure 0]

Was there a large security breach where someone hacked into Evernote versus just hacked into my account somehow? I just I noticed last night November 15th 2021 late in the evening someone created a note with the title picture and some animated picture. I was using a MacBook and it was acting weird things like someone else moving the cursor. So any news about this or only me? Thank you

[agsteele 2,341]

There are no reports of a widespread hack. We'll have to see if anything is announced from EN HQ.

[PinkElephant 6,213]

If there was the problem as described, this looks more like a local issue. EN as an app can't move your cursor.

What can move a cursor is any type of remote control software installed to your Mac, stuff like Team Viewer, Remote for Mac or similar.

Breaches into EN accounts happen when users get sloppy with their login credentials, like reusing passwords on different services. The credentials are stolen elsewhere and then tried by the black hoodies (or better: Their servers, running scripts) on a number of services. To avoid this problem, create unique and strong passwords for every service you use. Employ a password manager to keep track. Wherever possible enable 2FA - for example for your EN account.