Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Solved
Did 1Password get hacked? The Disney Employee said hackers got into his 1password account.
Hey Folks,
Decade+, happy 1password user here, however, my underpants clenched up when I read this on the WSJ today A Disney Worker Downloaded an AI Tool. It Led to a Hack That Ruined His Life. - W...
Hey everyone! I totally understand why this story raised concerns, but I'd like to assure you that 1Password was not hacked and remains secure.
In this particular case, the attacker compromised the individual’s local device. They intercepted his password using a keylogger, which allowed them to log into 1Password. Once a device is compromised, an attacker has nearly unrestricted access.
To help protect against attacks that target compromised devices, we recommend:
- Ensure device integrity — keep your devices free from malware by installing security updates, enabling built-in security features, and using endpoint protection tools that actively detect and prevent threats.
- Trust only verified sources — download software exclusively from trusted providers. Avoid unverified applications that could contain hidden malware.
- Strengthen authentication for critical accounts —use phishing-resistant authentication methods like hardware security keys (e.g., YubiKey) or a separate authenticator app to reduce the risk of credential compromise.
- Limit exposure from browser extensions — review and disable unnecessary or untrusted extensions, as they can introduce vulnerabilities that attackers may exploit.
For more details on how 1Password protects information on your devices (and when it can’t), I would recommend reading our blog linked below. 👇
🔗 How 1Password protects information on your devices (and when it can’t)
Thank you Member: 1P_Blake | 1Password Community for your reply. Your explanation I feel “assumes” the hackers used his device ONLY for access to 1PW (ie. had his password), and not a 2nd “hacker” owned device. My reasoning for this is the hacker would have needed his encryption key and password to setup another device. Do you / 1PW know for a fact there was not outside access (2nd hacker device) to his 1PW account? Thank you.
- 1P_Blake
Community Manager
Hey cssmith07
I appreciate the follow-up, and I want to clarify this point -- once an attacker fully compromises a device, they don’t need a “second hacker-owned device” to access 1Password.If malware like a keylogger is installed, it can capture everything the victim types—including their 1Password account password. Since the attacker is controlling the legitimate user’s session on their own device, they can log in and access data just as the legitimate user would.
To be clear: there was no need for an attacker to set up a new device. They simply used the victim’s already-authenticated session on their own compromised machine.
This is why keeping your device secure is the most critical step in protecting your data. No password manager—1Password or otherwise—can prevent an attacker from accessing data if they already have full control over the device where it’s stored.
