I just received it, and I knew right away that it was a phishing attempt, since I hadn't opened any support requests, and I rarely use my Trezor.

I soon received another email informing me that it was a phishing attempt, telling me never to enter my recovery phrase, and that the attackers had somehow obtained the Trezor customer mailing list. Despite this, they didn't gain access to any system, data or internal infrastructure.