Evernote is forcing users to change their passwords after its systems were breached by attackers.
The company confirmed it had been hit by a cyber attack in a blog post on Saturday.
Dave Engberg, chief technology officer at Evernote, was quick to reassure users no financial information had been lost during the breach and that any information the hackers may have gained access to was encrypted.
"In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed," said Engberg.
"The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords.
"Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. In technical terms, they are hashed and salted."
Evernote said that the password reset is a precautionary measure and that the encryption should mean the lost data is useless to the hackers.
"While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords," read the release.
Despite Evernote's quick reaction, some experts have warned Evernote users may still be in danger.
Check Point UK managing director, Terry Greer-King praised Evernote for its quick reaction, but warned that users should be extra vigilant when looking at unsolicited messages.
"Evernote has done exactly the right thing by requiring all users to reset their passwords. But users should do this by directly accessing the website, and should be cautious about clicking on links in emails they receive, no matter how authentic the emails appear to be," said Greer-King.
"There's a risk that external parties could use the email addresses exposed in the attack to send phishing emails to users, to try and harvest sensitive data."
Evernote is one of many companies to be hit by cyber criminals in recent years. Prior to it storage service DropBox also suffered a data breach. The breach was particularly bad as unlike Evernote, DropBox was not encrypting user data stored on its network.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws