California-based firm Evernote has requested that all users (around 50 million of them) reset their passwords following a compromise of their network.
Evernote allows people to store and organise personal data and sync through desktop, tablet and mobile devices.
While the company have stated that there was "no evidence" that payment details or user content had been stolen or tampered with, user names, email addresses and encrypted passwords had been accessed.
In a statement on the company's website, the firm said its security team discovered and blocked "suspicious activity on [their] network that appears to have been a coordinated attempt to access secure areas of the Evernote service".
It added: "While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure.
"This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords."
The firm apologised "for the annoyance" caused by the breach, which it said is becoming "far more common" at other "large services".
The company's information security director, Bob Lord, said the attack "was not the work of amateurs".