Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Cloud Security IT

Evernote Security Compromised 104

starburst writes "Another online company has had its security compromised. Today Evernote posted on their blog that they're issuing a service-wide password reset because of suspicious activity on their network. They say an unknown intruder gained access to usernames, email address, and encrypted passwords. Even though the passwords were hashed and salted, they're doing the password reset as a precautionary measure. Nevertheless, it's a good reminder to keep a close eye on who you keep your data with in the cloud. Nothing is totally secure; it's always a compromise between security and convenience."
This discussion has been archived. No new comments can be posted.

Evernote Security Compromised

Comments Filter:
  • Shocking... (Score:3, Interesting)

    by ohzero ( 525786 ) <onemillioninchange&yahoo,com> on Saturday March 02, 2013 @06:02PM (#43056447) Homepage Journal
    One more trendy company that didn't have a security program gets compromised. It's almost as if ignoring the problem doesn't make it go away. Pentest, code review, remediate, and test some more. Or, you know, lose brand value...that's the other option.
  • Re:Shocking... (Score:5, Interesting)

    by Mr Thinly Sliced ( 73041 ) on Saturday March 02, 2013 @06:10PM (#43056497) Homepage Journal

    As entertaining as a finger pointing "these guys don't know what they're doing" exercise can be, with the best will in the world you're always just one mistake away from letting the bad guys in.

    It sounds like they have a pretty good system in place (salted hashes, intrusion detection mechanisms and notification) and they aren't being coy about a problem.

    At the very least their internal security team now gets a nice big stick to beat management with to stopping cutting certain corners.

"If it's not loud, it doesn't work!" -- Blank Reg, from "Max Headroom"