Frankly, your attitude throughout this thread is pretty ridiculous. I work in cyber sec and the fact that there is obviously no automated system in place to throw notifications of suspicious logins to registered email accounts is utterly unacceptable and appalling by industry standards. That’s not even broaching the topic of a breach on Evernote’s end, which I’m almost certain there has been. I haven’t accessed Evernote in years and use algorithmically generated unique passwords for all of my accounts. I just received notification of a login from Columbia. The chances that I was key logged and then the hacker waited literally years to attempt a login is preposterous.