I've been hacked too, sadly. My password is listed on the pwned website. 😶 I'm now in the process of changing all the passwords and implementing the security measures that I should have done a long time ago.
Unlike others, my account was accessed from California only, with various IPs via Evernote Web.
Would you say that it looks more like one person has been repeatedly accessing the account (to snoop!) rather than random hackers checking out potential cryptocurrencies or whatnot?
Surely it's impossible to tell, but I'm just wondering how much damage could it potentially be?