Evernote begins warning customers about Adobe hack
The repercussions of the recent Adobe hack continue to echo around the internet. The attack exposed the user information for a huge number of customers, and data leaked online displayed email addresses, passwords and hints. The final tally of affected users ended up at 150 million, and the dump has since been parsed by security researchers, such as those at Sophos.
Now Evernote is the latest to warn customers of the far-reaching possibilities that could result from Adobe's misfortune. The note-taking service has been checking the database of email addresses and comparing it to its own customer list. When a matching email address is discovered, a message is generated to warn the potential victim.
There were published reports recently of a security breach at Adobe that may have exposed private information, including Adobe passwords, email addresses and passwords hints of millions of users. The list of compromised Adobe accounts has been uploaded to the web. We compared this list to our user email addresses and found that the email address you used to register for an Evernote account is on the list of exposed Adobe accounts.
Evernote has not been compromised and is not connected to this incident, but if you used the same password for Adobe and Evernote, then you should change your Evernote password now.
The warning goes on to explain the basics of creating a secure password. Evernote also has the option for two-step authentication for all customers.
It should go without saying that a strong password is needed, and it should not be used on any two sites. However, the Adobe breach showed this warning falls on deaf ears for most users -- the top password was "123456", followed closely by "password".