We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists.

@signalapp Since Signal always asks for a PIN code for backups, it seems logical that threat actors are exploiting this behavior to trick users.