Jump to content

Website Breach Warning


Recommended Posts

Posted

I logged in to Evernote this morning and got a security warning that the site has been breached. This is of course concerning. 

I would like a response as to what is triggering this. 

 

image.thumb.png.bdbaff5fb85757c10ce43e434c4c518b.png

  • Level 5*
Posted

Hi.  There's no sign that the website has been "breached" and that warning has no incident date or number of records attached.  I'd suggest you ask Surfshark for more information - they should have some system logs that will explain more.

In case you are concerned about your data - What to do if you suspect unauthorized access to your Evernote account

  • Level 5
Posted

Oh, great alert 🚨 !

Incident date - 
(meaning there was no incident)

Exposed accounts 0
(which again means no incident)

The red flag probably tells you just successfully hacked access to your own account.

Congratulations - you made my day 🎊😜🎆🎉🎇

Posted
14 hours ago, BabyGiant said:

I would like a response as to what is triggering this. 

1) This forum is user to user. (It looks like you are expecting a response from Evernote directly.)

2) If you are a paying subscriber, then you can submit a ticket to support and ask them.

3) Is SurfShark even reputable in this area? I've never heard of it before, but this isn't a good look for them.

People have had their individual Evernote accounts hacked because they re-use their Evernote password on other sites that get hacked. Don't re-use passwords and use 2FA.

  • Level 5
Posted

It looks like a SurfShark Alert message.

Surfshark Alert warns if the credentials entered by a user were found in a breach on the internet. To me this sounds as if a user paid 92.02 up front (This is NOT my invention, it says so on the SurfShark Website) to get the same he could get for free from https://haveibeenpwned.com .

It does not mean a website (like Evernote.com), has a problem, it means that this specific user has a problem. The login data he uses for his EN account is already circulating in the dark net If he has no 2FA enabled, it is just a matter of time until his account will be visited. 

If I were this user, I would be concerned - and probably change my login mail address  and password. For any other EN user, the warning means nothing.

Remark: I love panic attacks by people who buy expensive security, but don’t even understand what they are paying for.

Posted

I also had a login from India last week. I immediately changed password and enabled 2FA. Then last night I had 3 text codes. I’m guessing someone is trying to access my account. Hopefully they can’t hack  2FA

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...