GC2023

You are probably correct @Boot17 Still interesting to hear if any do pop up. Thanks for the replies.

Hi all, I recently posted I wanted to follow up and see what sort of additional activity people noticed with details they may have had in Evernote after the initial issue. I have been digging around with my Crypto transactions and I am try to get a feel from others as to their insights. Did you notice any other activity on accounts to might have had in Evernote or simply see activity in your Crypto wallets? I was wondering if people thing these are typically bots accessing accounts and performing searches online and then collecting wallet information as opposed to humans doing it manually. There seemed to be quite some time between entry to my account and removal of funds (12hrs) but this could be for a number of reasons. If it was a bot I would expect instant removal? Perhaps a human was reviewing all the information and running a script.. I had a bunch of wallets in Evernote but none of the others got hacked in the same way although I did not leave things lying around long. Three days later a bot or person came along to clean up remainder of my crypto - even very small amounts not really worth keeping or not likely to increase in value. I left them there out of interest. Likely a human? I had some passwords for other things in Evernote but did not see any activity on those accounts - they were properly protected with 2FA however. Wondering if this is truly just Crypto focused activity or have others seen otherwise?

Thanks both I will do as you suggest.

Hi, I recently got hacked, which is my own fault... but I think Evernote can be improved to help ensure this sort of things doesn't happen in future. I know about not reusing passwords, MFA and all the rest - security is an onion and all that. The default tenant of good cyber security is a Zero trust approach - never trust, always verify! To that end I wonder if it has been discussed on this forum before that the simple approach of changing to an always verify approach to new login clients will significantly improve overall security. I had some important information in Evernote that I forgot to remove some years ago and this has caused a significant financial impact. I received one email about one new login. I missed it amongst all the other email I receive. I reviewed my access history - there were almost 2K logins all on the same day from hundreds of IP in what I suspect is an attempt to overwhelm Evernotes so called anomaly detection system. If I had received 2K emails about new logins that might have sparked a reaction. If however instead of allowing the access - the login required validation from the "hacker" through my email account which is very well protected - this would never have happened. Most websites I used now use this methodology - verify by email on new client location/login using some code or random string. I work in software - this is a pretty simple implementation with a vast improvement to the overall default security of accounts. While the current approach to notify via email comes across as proactive, it doesn't actually do anything to protect users and the users need to react retroactively which is sometimes too late. 99.9% of the time you're going to be login in to Evernote on a device which also has some access to email. Switch it on by default, people can switch it off if they want and augment it with MFA for the additional layers but as Evernote have email addresses, this seem like a easy place to start and a default way to secure. Or send me 2K emails instead of just one... they are cheap.