In a nutshell: Password manager Dashlane suffered a successful brute-force attack in which attackers gained access to encrypted user data.
Dashlane confirmed a brute-force attack on its infrastructure in which attackers penetrated password vaults of users and temporarily blocked numerous accounts. The incident represents a critical security breach at a leading password manager.
Password manager Dashlane fell victim to a brute-force attack in which the attackers were able to deliberately breach authentication mechanisms. Multiple users reported account lockouts and suspicious access to their stored passwords. According to current findings, the attackers gained access to encrypted password vaults, indicating a compromise of the accounts.
The blocking of user accounts points to an attacker strategy of systematically conducting login attempts and thereby overloading or circumventing login mechanisms. Dashlane stores login credentials and sensitive information for millions of users worldwide, which means such an attack has significant implications for the security posture of affected individuals.
For CISOs and IT security executives, this incident demonstrates that even established password managers are not automatically immune to brute-force attacks. It is advisable to regularly review the authentication mechanisms of password managers, recommend multi-factor authentication to users, and closely monitor the incident at Dashlane to detect potential impacts on corporate accounts early.
Source: www.golem.de · Published June 2, 2026
Lumi AI News — AI-assisted curation according to Article 50 EU AI Act. Paraphrase and classification via Lumi News Pipeline v1.2.9.