Suspended user was able to make changes

benz0
benz0
Community Member
edited January 19 in Families

In August I noticed a member of the family who is also a family organizer, started deleting a bunch of passwords from 1Password without letting me know. I suspended the user to prevent further damage but today that person was able to change the password on a vault that is shared. I only know this because they told me, and I double checked and saw that the credentials in question were modified this afternoon. The user is still suspended so I don't know how they was able to login and make changes.

My question are:

  1. How can I prevent them from doing additional damage?
  2. Is there a way to see what damage has been done already?

thank you

1Password Version: 8.10.22
Extension Version: 2.19.0
OS Version: OSX 13.5.2
Browser: chrome

Comments

  • GreyM1P
    GreyM1P

    Hi there @benz0

    We'll need to look into this with you by email, so send us an email at support+forum@1password.com and you'll receive an auto-reply from 🤖 BitBot. It will contain a conversation number, which looks like [#ABC-12345-123] – post that here and I'll be able to make sure your message goes to the right team. I look forward to hearing from you. :)

    — Grey

  • benz0
    benz0
    Community Member

    I did this, it took several days to get a response and ultimately what we determined is that someone compromised my 1password account.

  • GreyM1P
    GreyM1P

    @benz0

    I've found your conversation with our team. If you have any questions about this or need any further help, please reply to our email. To prevent duplication of work, I'm closing this thread.

This discussion has been closed.