Jump to content


Recommended Posts

(Thread updated to reflect our blog post here)


On Monday of this week, a group of security researchers discovered and publicly disclosed a vulnerability in OpenSSL, a software package that is widely used to secure online communications. They called the bug Heartbleed.


Evernote does not use, and has not used, OpenSSL, so we were not vulnerable to this bug. As an Evernote user, you don’t need to take any action.

Some of the services that we use, for example, our support ticketing system, do use OpenSSL. These services have all fixed the bug. We do not believe that any sensitive data was accessed. We are actively monitoring the situation and will notify you if we discover anything.

Link to comment


This topic is now archived and is closed to further replies.

  • Create New...