Dashlane, a password management service, issued a security advisory on June 3, 2026, stating that attackers obtained 20 encrypted user vaults. The company reported that the attack began on May 31, 2026, when an external party launched a brute force attack targeting specific user accounts. The objective of the attack was to bypass two-factor authentication (2FA) protections in order to register new devices on existing user accounts. A user who received a 2FA request shared a screenshot of the notification they received on the day the attack commenced.
✓ AI-Debiased Article
Dashlane reports theft of 20 encrypted user vaults following brute force attack
Dashlane announced that 20 encrypted user vaults were stolen in a brute force attack that started on May 31, 2026. The attackers aimed to bypass two-factor authentication to gain access to user accounts.
Companies
Dashlane
Annotating as
No note attached
on this article.
Original vs. Neutral
Original Headline
Dashlane issues opaque advisory warning 20 encrypted vaults were stolen
Neutral Headline
Dashlane reports theft of 20 encrypted user vaults following brute force attack
