Attack Overview
Dashlane, a popular password manager, experienced a security incident starting May 31, 2026, when an external attacker launched a large-scale brute-force campaign. The threat actor repeatedly attempted to guess the authentication codes used for two-factor verification, aiming to register unauthorized devices on user accounts. This high volume of login attempts triggered Dashlane’s automated security systems, which temporarily locked multiple accounts as a precautionary measure to prevent unauthorized access.
Impact and Response
The attack caused temporary disruptions for some users, including an inability to log in or add new devices. Dashlane’s security team immediately launched an investigation and implemented mitigation measures. The company has since restored access to all impacted accounts and confirmed that normal operations have resumed. Dashlane emphasized that these account lockouts were part of its defensive strategy and not evidence of successful compromise.

However, investigators determined that attackers managed to download encrypted vault data for fewer than 20 users on personal plans, and those individuals have been directly notified. Dashlane reassured users that the stolen vault data remains strongly protected under its zero-knowledge encryption model, as vault contents are encrypted using each user’s Master Password, which is never stored or transmitted to company servers.

The company confirmed that no evidence suggests a breach of its internal infrastructure, as the attack was limited to external authentication attempts. Dashlane has since blocked the malicious traffic sources and reinforced its security controls to detect similar patterns in the future.
Source: Cyber Security News

