As the others posting here, I also received the email and was very alarmed by it.
As xvisto mentioned, I would like to find the same information. xvisto could you please share on private what you got from supports and you can share?
In my case the history looked fine, but as Rich mentioned, this may not go very far back. Also, I am not sure it would cover API calls using my account... Would it?
I did have a toke issued on my account, which I now removed and was issued in 2018 if I remember correctly, not by me obviouslly.
I would like to know from Evernote, more information behind this statement from the email "We believe someone has learned your password from a website or service not associated with Evernote". Are you saying here you suppose someone learned my password by some means on the web (which would be very generic), or do you have some actual websites or services that you think were breached and where my password could have been stolen? In any case I would like to get more information. Could you please let me know how I can get this?