
Following massive automated login attempts, the password manager Dashlane temporarily locked affected user accounts to protect against unauthorized access.
The IT security sector recorded a coordinated wave of attacks on the well-known password management service Dashlane. Multiple users of the platform unexpectedly found their accounts locked. The administrative block was the result of large-scale brute-force attacks in which external actors tried to gain access to users’ digital vaults by automatically and continuously guessing passwords. Affected users first reported on discussion platforms such as Reddit that they had received unsolicited emails.
These messages contained legitimate verification codes, which are normally only sent when a user wishes to register a new, unknown device. Since the login attempts originated from geographically distant locations and unknown IP addresses, this caused considerable concern. Many users initially suspected the notifications were part of a targeted phishing campaign designed to exploit trust in the Dashlane brand to steal credentials, before it became clear that these were actual security warnings from the system.
According to Dashlane, no compromise occurred
The operator of the password manager responded to the incidents by activating integrated security mechanisms to prevent user data compromise. In an official statement to the trade publication BleepingComputer, the company addressed the events.
“We can confirm that certain Dashlane user accounts were the target of a brute-force attack by an external party, which resulted in the locking of these accounts as part of Dashlane’s integrated security controls. The affected accounts have since been released. Our team is actively addressing this issue and taking steps to further protect our customers. There is no evidence of compromise of Dashlane’s systems.”
Jordan Fylolenko, Senior Director of Corporate Communications at Dashlane
Through this statement, the company made clear that no internal data breach or direct intrusion into the server infrastructure occurred, but rather that the software-based protective barriers functioned as intended.
Timeline of security response and ongoing support issues
The chronology of the incident can be traced in detail via the cloud service’s official status page. The internal investigation of anomalies in network traffic was initiated on 31 May 2026 at 15:19 UTC. Standard protective measures that modern identity platforms use against automated credential stuffing and brute-force attacks include rate limiting, which caps the number of permitted login attempts per unit of time, CAPTCHA checks, and a complete temporary account lockout once a defined threshold of failed logins is exceeded.
At 22:30 UTC on the same day, Dashlane declared the incident resolved and stated that all automatically locked accounts had been released. A further status update on 1 June 2026 at 07:32 UTC confirmed this status and emphasized that the responsible engineering teams continue to closely monitor telemetry data and implement additional, targeted security measures. Despite the official all-clear, some users reported continued login problems in the following hours and criticized the slow response of technical customer support. As of publication, Dashlane had not disclosed exact figures on the number of affected accounts.
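The threshold-based temporary lockout mentioned above can be sketched as follows. This is an added example, not Dashlane's implementation: the class name, the thresholds and the sample events are assumptions chosen for illustration. It shows why a legitimate user with the correct password is also refused while the lock is active, and that the account is released once the lock expires.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Per-account sliding-window failure counter with temporary lockout.
    Hypothetical illustration; all thresholds are assumed values."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures = max_failures    # failures tolerated inside the window
        self.window = window                # seconds over which failures count
        self.lockout = lockout              # seconds an account stays locked
        self.failures = defaultdict(deque)  # account -> recent failure timestamps
        self.locked_until = {}              # account -> time the lock expires

    def is_locked(self, account, now):
        until = self.locked_until.get(account)
        if until is not None and now >= until:
            # Lock expired: release the account and forget old failures.
            del self.locked_until[account]
            self.failures[account].clear()
            return False
        return until is not None

    def attempt(self, account, password_ok, now):
        """Return 'locked', 'ok' or 'denied' for one login attempt."""
        if self.is_locked(account, now):
            return "locked"  # refused before the password is even checked
        recent = self.failures[account]
        while recent and now - recent[0] > self.window:
            recent.popleft()  # drop failures that fell out of the window
        if password_ok:
            recent.clear()
            return "ok"
        recent.append(now)
        if len(recent) >= self.max_failures:
            self.locked_until[account] = now + self.lockout
        return "denied"

def replay(events, throttle):
    """Feed (timestamp, account, password_ok) tuples through the throttle."""
    return [throttle.attempt(acct, ok, ts) for ts, acct, ok in events]

# Constructed sample: five automated failures, then the real owner logs in
# during the lock (t=60) and again after it has expired (t=1000).
SAMPLE = [(t, "alice@example.com", False) for t in range(0, 50, 10)] + [
    (60, "alice@example.com", True),
    (1000, "alice@example.com", True),
]

if __name__ == "__main__":
    print(replay(SAMPLE, LoginThrottle()))
```

Because the lock is keyed on the account rather than on the source address, guessing from many IP addresses still trips it, at the cost of briefly locking out the account's owner.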
Original source: www.it-daily.net
Imported via Lumi AI News on 2 June 2026. Labeling in accordance with Art. 50 EU AI Act: AI-assisted curation.