0
Quote
Popular note-taking service Evernote has reset all user passwords after information including usernames, email addresses, and encrypted passwords was stolen in a security breach. A post on the service's official blog — currently experiencing loading problems — emphasises that no content was either "accessed, changed, or lost," but advises users that they will be prompted to choose a new password next time they log in, and provides advice on selecting a secure word or phrase.
The passwords taken in the breach were both hashed and salted, meaning that they should be protected from all but the most dedicated cracking attempts, but the blog post does not explain which encryption algorithm was used. According to an email from Evernote, "unusual and potentially malicious activity" was first detected by the company's security team on February 28th. Evernote plans to release updates to its native apps for various platforms "over the next several hours" in an attempt to smooth out the password reset process for all users.
Source: Verge
