It wasn’t 1Password that got breached, it was a 3rd party company called Okta, which 1Password was using in some capacity.
The attempted breach was detected and the hackers had only 1 set of Okta credentials from 1 member of the IT team. So they couldn’t actually do much.
It was detected and immediately all the keys were changed so the hacker lost all access to Okta immediately.
No 1Password systems were affected at all.
Hypothetically even if the hackers somehow managed to get a customers vault, they would never be able to decrypt it because it requires 1. The master password AND 2. The very long and complex decryption key, which only the user posseses.
Even 1Password does not posses it so it’s literally impossible for the vault to be hacked.
1Password is still by far THE most secure password manager.
KairuByte@lemmy.dbzer0.com 1 year ago
Save you a click: No user data was compromised.
pingveno@kbin.social 1 year ago
Regardless, I'm glad they are being open about this. I use 1password, so I want to know absolutely anything that could be a threat, especially after the debacle with LastPass.
ziggurism@lemmy.world 1 year ago
1password user data is encrypted, right? so even if a hack had allowed a bad actor access to user pw databases, it’s not like they would’ve just scored everyone’s passwords… right?