In the meantime, a lot of services have been attacked by hackers: Microsoft, Apple, Twitter, EADS and recently, Evernote.
The last example shows that hackers are not only interested in enterprise credentials but also in private data stored in the cloud.
I know that Todoist is very secure and reliable and you have a very good transparency.
As I know, all passwords are hashed and salted. Is this right? Do you monitor the service so that you are able to detect attacks?
Thanks and best regards!