{"id":261670,"date":"2026-06-01T23:55:00","date_gmt":"2026-06-02T03:55:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/dashlane-discloses-brute-force-attack-encrypted-vaults-of-fewer-than-20-users-downloaded\/"},"modified":"2026-06-02T03:40:12","modified_gmt":"2026-06-02T07:40:12","slug":"dashlane-discloses-brute-force-attack-encrypted-vaults-of-fewer-than-20-users-downloaded","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/dashlane-discloses-brute-force-attack-encrypted-vaults-of-fewer-than-20-users-downloaded\/","title":{"rendered":"Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/dashlane-discloses-brute-force-attack.html\">Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/dashlane-discloses-brute-force-attack.html\">https:\/\/thehackernews.com\/2026\/06\/dashlane-discloses-brute-force-attack.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-01 23:55:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Jun 02, 2026<\/span><\/span><span class=\"p-tags\">Identity Security \/ Data Protection<\/span><\/p>\n<p>Password manager Dashlane has disclosed that &#8220;fewer than&#8221; 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party.<\/p>\n<p>On May 31, 2026, the company said an &#8220;external&#8221; threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor authentication (2FA) protections and allowing them to register new devices on existing user accounts.<\/p>\n<p>Exactly how many users were targeted remains unknown, but Dashlane said the high volume of attempts on those accounts triggered temporary account suspensions and authentication issues due to its built-in security controls.<\/p>\n<p>Although access to the accounts has since been restored, the company has now revealed that the attackers were successful in a handful of cases, enabling them to download a copy of the encrypted vaults belonging to less than 20 personal plan users.<\/p>\n<p>&#8220;We have directly notified each of these users,&#8221; it said. &#8220;If you&#8217;re a Dashlane user and have not received a message from Dashlane specific to vault risk, there is no impact to your Dashlane account.&#8221;<\/p>\n<p>It&#8217;s worth noting that the vault data cannot be accessed without the Master Password. Unless this password is trivial and highly predictable, it&#8217;s unlikely that any attempts to crack open the vault will succeed. Dashlane also pointed out that its own internal systems were not impacted by the incident.<\/p>\n<p>As a precautionary measure, users are advised to review the devices registered to their accounts and remove those they don&#8217;t recognize, enable 2FA, and use a strong Master Password that&#8217;s &#8220;long, unique, and difficult to guess.&#8221;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/dashlane-discloses-brute-force-attack.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded https:\/\/thehackernews.com\/2026\/06\/dashlane-discloses-brute-force-attack.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":261671,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjMY3oQNaqfV2_sMYMZJ_EbUA90VD_t0w342aOV-tTDXEui63NgSB0SPYPhGVW9e5i8ZcEk7P5uudw6PJOi5od9rdsq9GzG0npc8FiqXuQ33r-zg81AMHW53prz_ovs2YbKrjaNfOOAp1tpmjhE3ADsjVymKPDGf4TyikPb1z18MOWk2YH-BteUQ6EUqYFI\/s1600\/dashlane.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[34],"class_list":["post-261670","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261670"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=261670"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261670\/revisions"}],"predecessor-version":[{"id":261672,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261670\/revisions\/261672"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/261671"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=261670"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=261670"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=261670"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}