A phishing campaign is targeting 1Password users to steal their master password, which protects access to the user’s password vault.
The phishing email claims to be alerting the recipient to a suspected breach at 1Password, and urges them to reset their master password as a security precaution.
If the recipient uses the link in the email to do so, the attacker will gain access to their master password, and all other passwords stored within their 1Password account.
1Password has reportedly advised users to block and ignore the phishing messages, and it is believed that the password manager service has not been compromised.
It is not known how the hackers obtained the email addresses of 1Password users.
