Account was accessed multiple times, no notification/email.

[gtxyphoenix 0]

Recently while using Evernote on my phone I was told to revoke access from a device. I've used Evernote on more than two but had to swap since my last phone broken and returned another that I didn't like. Recently though I've only been using it on my phone and laptop so I thought this was odd. I go to revoke a device and see that an iphone is somehow accessing my account. I've never owned an iphone and never even used one. I thought it was really odd because it said my account was last accessed about two hours beforehand. I go to check the activity log and see that since April my account has been accessed multiple times (Attached picture). Since then I've enabled two factor, changed password, and forced log out on all devices, if any left. 

I'm not really interested in how this happened to be frank. I want to know why I never received any email or notification about any of these because there's a chance this is happening to other people without their knowledge. Thank god I didn't have anything that important in my notes but if I had used this for some genuinely important stuff this could've been miserable for me. 

While I'm sure I could get a hole of my account no problem, my password was able to be changed without using my email. Not exactly something I would've liked waking up to

All in all the problem is solved but I'm not feeling to great about using evernote for things now that I have to keep an eye on it every so often.

[jefito 5,589]

Please see the following relevant topic, particularly posts by @Rich Tener: 

 

[DTLow 5,736]

2 hours ago, gtxyphoenix said:

I want to know why I never received any email or notification about any of these because there's a chance this is happening to other people without their knowledge.

You could post this as a request.  There's already some notification processes, but I'd like an email every time a new device accesses my account.

Your best protection is not letting the bad guys know your password.  Don't use your Evernote password at other sites.

You can also implement 2 factor authorization.

[gtxyphoenix 0]

It just kinda sucks that it's a feature that has to be requested in the first place. I didn't know about the request area but it kinda looks like a mess and somebody actually made a short post about it 2 hours before I made this which is funny in a bit of a sad way.

[gtxyphoenix 0]

Thanks for posting that, I hadn't seen that before. Odd that the logins are this recent though considering this was an issue in Sept. last year. I hate to think how long this has been going on for. Password is changed, two factor is on, and anywhere someone might've logged in should be logged out so it's hopefully all good now

[PinkElephant 8,049]

Please do not only think about Evernote. 

There have been several breaches with the copying of a wealth of user-PW-combinations over the years (none of them directly with Evernote !). These databases are available in the Internet for money to buy. When you use the same user for several accounts, is is just the PW between your data and the bad guys. If you reused or only slightly modified your PW, then the danger is real.

If your EN account is now save by changing PW, employing 2-FA etc., then try to fix all the other accounts that may be at risk.

And start to use a good PW-Manager that will help you NOW to create and save strong PWs for all your accounts.

[JohnLongney 83]

Well, I'm inclined to think that Evernote were involved at some time or other. At least one such occurrence took place in 2013 and what with all those management changes and other issues Evernote had to deal with  maybe just a case of  time bomb gone off? 

[PinkElephant 8,049]

Nobody can be sure ...

Just if you read the threads in the forum, it is

• too few users to be a breach in recent times at EN itself (then the forum would probably be flooded and offline by now ...)
• Bad guys seem to be poking around, trying to enter, and then searching for data leading to cryptocurrency
• typically the claim is from BASIC users that find out they can not enter because there is foreign device dialed in, often concealed as an iPhone from some remote (VPN)location. Probably among these are users that use the service less often than those who pay, and will not look after account security that much. What is it worth when it is free ?

So for me this is strong evidence that the data results from other leaks. I do not think that outgoing CEOs would hack themself into user accounts. They don’t need to, they have received money from the paying users the direct way 😎

[Jhaber 0]

Twice in the last week my Evernote has been accessed by outside users. I am in the US, once a user from Vietnam was logged in and once from someone in Korea. I only discovered this because I went to do something and it said I was over the number of devices logged in and I knew I wasn't (free account w/2 devices). I changed my password but did not enable Two-Step Verification yet but guess I should.