Received a mass email from a support account. What happened here?

Community Member
edited August 2023 in Business and Teams

Image removed to protect private information

What happened here? We received what looks like a mass email exposing a bunch of emails from what I believe are other customers.

This is alarming.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided


  • Hi @raisedadead,

    So that we can properly investigate, I'd like to ask you to send us an email to with the email associated with your account. You can link to this community thread in your email and then reply directly to this thread with your ticket ID so that we can better connect the dots.

    In the meantime, I've removed the image from this thread as it contains some personally identifiable information.

  • raisedadead
    Community Member

    Hi @ag_max

    Thanks for getting back to me.

    Sure - I believe I had redacted anything private, but that is beside the point. I have reached out on the email as you instructed, and here is the ticket ID that I have got: 161791

    Let me know if you need anything else with the investigation. I am happy to provide the raw email, headers, etc., in case you need that.

  • raisedadead
    Community Member

    I gave the original email that I received a second look, and it appears someone from the business support must have accidentally copied a bunch of emails into a support email.

    However I want to rule out that this was just an accident and not a glitch in your systems.

  • Hello @raisedadead,

    Thanks for sending in your support ticket ID. I've asked our security team to review the case and confirm if there is anything you need to know. While our investigation is still ongoing, and we'll reply to your ticket with more details, I did want to share our initial findings with you:

    • Someone sent an email to our support team, various other companies, and several other email addresses. Our support system sent an automated reply to the ticket, including everyone that the ticket was sent too.
    • Our team identified the initial ticket as likely spam, and closed it so no further messages would go out.
    • The email was not initiated by 1Password or a member of our team.
    • If you, or anyone else in the ticket has a 1Password account, no information about any account was accessed or shared, and no action has been taken on any account as a result of the spam ticket.
    • While the initial message sent was probably spam, we do not know the motives of whomever did this, and would advise ignoring the email and any related emails. The 1Password team will not be responding to the original ticket, other than potentially sending a generic notice that the message appears to spam. If anyone appearing to be 1Password replies, the message is likely spoofed and should be ignored.

    Once again, our security team is reviewing the case and will reply back to your support ticket #161791 with our findings.

    Thank you,

  • XIII
    Community Member

    someone from the business support must have accidentally copied a bunch of emails into a support email.

    In somewhat similar cases, where someone accidentally has put multiple email addresses in the cc: field instead of the bcc: field, the EU (GDPR) considered this to be a personal data breach that has to be notified to the “competent national supervisory authority”.

  • Hello everyone,

    Our Security team has finished reviewing this case. They agree there’s nothing to worry about, and I'll summarize their findings for you:

    • Someone sent an email "To" 1Password, various other companies, and some random email addresses.
    • Our support system automatically replied to everyone to indicate that a ticket has been opened.
    • Then we closed the ticket as spam.
    • No 1Password account information was accessed or disclosed as a part of the ticket, and no changes were made to any 1Password account.

    To help protect anyone who may be a 1Password customer, a follow-up email is being sent to suggest they ignore the ticket, and that they contact us directly if they have any questions. We've also adjusted the configuration of our support system so that if this happens again, an automatic reply will be sent only to the sender.

    If you were involved in the case, please send a new email to and we'll be glad to answer any questions you have.

    Thank you,

This discussion has been closed.