I got reply from Evernote... seems like a generic response. I have already taken measures for intrusion and monitor closely. -Ed
Thank you for contacting Evernote Customer Support. My name is Cian and I'll be happy to help you today.
I understand you are concerned about account security.
The Evernote service is secure and we want to make sure you take the necessary action to secure your account. There are a few ways someone other than you could have learned the password to your account:
If you use the same password on Evernote that you use on another site, it may have been taken from a site not associated with Evernote. You may want to check a security breach site (like https://haveibeenpwned.com/) for details on security breaches from other companies that included your email so you can review and take action.
If your password was taken from your computer or another computer you used to log in to your Evernote account. If you aren't using malware detection software, we recommend you download Malwarebytes to check and clean your computer.
If you received an email that appeared to be from Evernote but linked to a website (not www.evernote.com) that prompted you for your password. You may have been the victim of a phishing attack. Please forward us a copy of the email or link to email@example.com so that we can investigate it.
Unfortunately, we don't have the resources to tell you whether someone accessed your content or which specific notes they accessed. We've discovered in the past that some unauthorized individuals have searched accounts for passwords and cryptocurrency keys. If you have any in your account, someone may have copied them.
To make sure your account is secure, please do the following:
Change your password immediately. Choose a unique password that you don't use on another website.
Review the authorized applications and access history for your account. Revoke access to any applications that you are suspicious of or that have accessed your account from an IP address you don't know.
Set up two-step verification on your account as an additional layer of security.
Encrypt sensitive text inside your note. When you encrypt text in a note, a separate password will be required to view the text, even if someone, including you, has access to your account.
If you stored any sensitive data in your account like passwords, credit card numbers, or cryptocurrency keys, you should consider changing them to stop or prevent misuse.
I hope this helps! Please let me know if there is anything else I can do for you.
Cian La Grue
Customer Service Representative"