Intruders snoop around Evernote message board, not users’ notes
Web Services
A third-party that hosts the service’s forum site notified the company about the hack.
Evernote sent an email to affected forum members on 6/16.
The attackers took profile data, email addresses and birth dates. They also stole password hashes from members who created forum accounts in 2011 or earlier, when the login process was handled differently.
Evernote account passwords were stored on a separate system and were not touched.
“The hacker was able to retrieve our forum members’ profile information. We don’t believe that the hacker accessed any private forum messages,” the company said in the email to affected users.
The site hosts 164,644 members. It is unclear how many of them were affected.
Just last week, the Evernote Service was disrupted by a denial-of-service attack.