[FoRK] Fwd: Evernote Security Notice: Service-wide Password Reset
sdw at lig.net
Sat Mar 2 11:34:20 PST 2013
If I had time to screw with you, you would be sorry.
Hmm. Worldwide club / company. Members agree to pursue crackers in their own country on behalf of their club members, angling
for local legal standing to file complaints. Share filing templates. Knowledge base of individuals and organizations. Solicit
network, service, and other professionals. File lawsuits with discovery to follow the money.
Ignore law enforcement until the effort is big and effective enough. They only get involved once you've been scammed, when it's
too late to track the attack usually. And what if you are good enough to identify, filter, and track each scam back?
Impossible to get anyone's attention, unless there is a direct and immediate terrorist tie-in I suspect.
We need "marked money": The next transaction on my account is likely a scam, follow the money and report it to a fraud
department, even through multiple hops, and holding any account where cash is attempted to be withdrawn (or capture the ATM /
-------- Original Message --------
Subject: Evernote Security Notice: Service-wide Password Reset
Date: Sat, 2 Mar 2013 19:10:48 +0000 (GMT)
From: Evernote Team <team at email.evernote.com>
Reply-To: team at email.evernote.com
To: sdw at lig.net
Important Evernote Security Notice: Service-wide Password Reset
Dear Evernote user,
Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to
have been a coordinated attempt to access secure areas of the Evernote Service.
*As a precaution to protect your data, we have decided to implement a password reset. Please read below for details and
In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or
lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information,
which includes usernames, email addresses associated with Evernote accounts, and encrypted passwords. Even though this
information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are
hashed and salted.)
While our password encryption measures are robust, we are taking steps to ensure your personal data remains secure. This means
that in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new
password by signing into your account on evernote.com
After signing in, you will be prompted to enter your new password. Once you have reset your password on evernote.com
<http://links.evernote.mkt5371.com/ctt?kn=4&ms=NTcwNzMxMwS2&r=MzMwNTYzMzU1NDES1&b=0&j=Njc1NzUzOTES1&mt=1&rt=0>, you will need to
enter this new password in other Evernote apps that you use. We are also releasing updates to several of our apps to make the
password change process easier, so please check for updates over the next several hours.
As recent events with other large services have demonstrated, this type of activity is becoming more common. We take our
responsibility to keep your data safe very seriously, and we’re constantly enhancing the security of our service infrastructure
to protect Evernote and your content.
There are also several important steps that you can take to ensure that your data on any site, including Evernote, is secure:
* Avoid using simple passwords based on dictionary words
* Never use the same password on multiple sites or services
* Never click on 'reset password' requests in emails - instead go directly to the service
Thank you for taking the time to read this. We apologize for the annoyance of having to change your password, but, ultimately,
we believe this simple step will result in a more secure Evernote experience. If you have any questions, please do not hesitate
to contact Evernote Support
The Evernote Team
Unsubscribe <http://links.evernote.mkt5371.com/ctt?kn=1&ms=NTcwNzMxMwS2&r=MzMwNTYzMzU1NDES1&b=0&j=Njc1NzUzOTES1&mt=1&rt=0> |
For support requests, please contact us by going to our support page
Evernote Corporation, 305 Walnut Street, Redwood City, CA 94063, USA
More information about the FoRK