Account Hacked?

[sherryfrancisco 0]

I believe my account was hacked 29 times last night. The Access History lists areas from Russia to Texas to Delaware and more.

When it says it was "Accessed", did the perpetrators have full access to my notes? Or were they just attempting to open it? 

Please let me know as I have sensitive information on my Evernote account. Is there a better way to keep them safe? I cannot encrypt it. My computer does not give me the option. Is it because I have the Free Version?

 

 

 

 

[gazumped 12,073]

4 hours ago, sherryfrancisco said:

I believe my account was hacked 29 times last night

Hi.  Why?  If you've seen on your access history that these attempts were made,  it does not mean that any of them succeeded.  Evernote are normally careful to notify anyone whose account appears to have been the subject of an attack that they should take a variety of precautions including 2-factor authentication and changing to a unique password.  If you've not received any such alerts,  then it doesn't sound like the company is aware of any serious threat.  You can get most of that advice here - https://help.evernote.com/hc/en-us/articles/115004395487

We're mostly users here in the Forums,  and as a non-subscriber you don't have easy access to Evernote support.  You could subscribe - even if only a month - to verify what happened here,  or you can contact Evernote via Twitter @EvernoteHelps.

[sherryfrancisco 0]

Actually, I did receive an alert from Evernote at 4:47 am. It said "We noticed a new login to Evernote and wanted to make sure it was you." It came from a browser in Wilmington, Delaware. I am in Texas. That is why I am concerned that they have had access to my notes. I have changed the password but I hope it is not too late. 

 

[PinkElephant 8,832]

Access means access - why anybody would do so 29 times is beyond my imagination, whatever. Access is listed in access history, including the IP and the rough area where it is located. The area is an estimate, first because the IP ranges belong to the ISP, and are interchanged in the area he serves. Second hackers use VPN servers to cloak their location - so likely it is the IP of a VPN exit server that is listed, not the real address. It can be the hacker sat in one place all of the time, and just rotated the VPN servers used.

If it was hacked, they somehow got hold of your user name and the password. The most common reason is that you use the same password on several counts (or a slightly altered one, where the altering scheme can be tried). If that’s the case, you should think about all of your accounts. Get a password manager, and start to change the passwords of all accounts. Enable 2FA wherever it is offered.

[gazumped 12,073]

11 hours ago, sherryfrancisco said:

It came from a browser in Wilmington, Delaware

Just for information - check your own IP address (try https://www.whatismyip.com in your browser) and compare with the Wilmington (or any other) access - I've had connections to my account listed from India (I'm in the UK) but the IP address was mine in each case...  As noted above,  IP addresses aren't necessarily an accurate guide to where the access comes from.