1Password says a recent incident that caused customers to receive notifications about changed passwords was the result of a service outage, not a security breach.
The company first revealed in an incident report five days ago that the notifications were erroneous and related to routine database maintenance scheduled for Thursday, April 27.
Today, 1Password Chief Technology Officer (CTO), Pedro Canahuati, provided more details and said customer information was not affected.
“On April 27, between 9:03 p.m. and 9:26 p.m. ET, 1Password experienced a brief outage. This was not a security incident and customer data was not impacted in any way,” Canahuati said.
“Client applications displayed an incorrect message stating: Your secret key or password was recently changed. Enter your new account details to continue.”
However, as Canahuati explained, no such change took place. The erroneous alerts were triggered when 1Password’s US servers responded with connection denials to a spike in sync requests that followed the migration of backend databases.
Client applications incorrectly interpreted the error code sent by servers and displayed incorrect password change alerts on client devices in the United States region.
However, these alerts have not gone unnoticed, with 1Password users worried that their accounts have been hacked or that the company has suffered a security incident.
Traffic in 1Password’s US environment returned to normal at 9:26 p.m. ET on April 27, with no further failed login attempts detected.
On April 28, monitoring of the service status showed no additional erroneous messages, and the fixes were confirmed to work as expected.
Although the company didn’t mention it, this wasn’t the first time such errors had appeared on users’ devices, with some reports dating back as far as December 2022, even though those users never changed their secret key or passwords.
At the time, 1Password team members asked affected customers to contact the company’s support team to provide more details so the issue could be further investigated.
Since 1Password has not added any other updates, previous instances of such notifications appearing were likely related to minor incidents affecting a much smaller number of customers.
Canahuati added today that 1Password will use data collected from last week’s incident to understand the root cause and improve database migration processes and error handling.
“We take the integrity of your data and the stability of our systems very seriously and will continue to work hard every day to earn the trust you place in us,” Canahuati said.