Update: Evernote users, take note - the company plans to implement two-factor authentication as soon as possible following the hack.
In a statement sent to Information Week, an Evernote spokeswoman said that the note-taking business was already planning such a feature, but after last month's hack, the process has been put into high gear.
No content accessed
The company promised that although 'malicious' attacks of this nature are becoming more common, its security team is doing everything it can to protect users.
A post on the company blog explained: "In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)"
"While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new password by signing into your account on evernote.com."
