Password manager Dashlane says hackers stole some customers’ password vaults
Dashlane Reports Breach of Encrypted Customer Vaults Following Weekend Cyberattack
Security firm Dashlane has disclosed that cybercriminals successfully acquired at least twelve encrypted password vaults belonging to its users during a weekend intrusion. According to a statement posted on its website, the attackers managed to compromise the company’s two-factor authentication (2FA) protocol, which ultimately granted them entry into approximately 20 customer accounts.
By bypassing these secondary security layers, the hackers were able to extract copies of specific users’ encrypted vaults. These vaults serve as secure repositories for passwords and other sensitive login credentials. While Dashlane’s incident response page indicates that its internal systems remain uncompromised, the company has not yet clarified the specific method used to defeat its 2FA defenses. Typically, two-factor authentication adds a layer of security by demanding an additional code sent to the user’s mobile device, preventing access even if a username and password are stolen.
“The objective of the attack was to brute-force two-factor authentication (2FA) protections, enabling the attacker to register new devices on existing user accounts,” Dashlane explained. The firm noted that the attackers likely employed automated tools to “rapidly submit every possible numeric combination to the system,” aiming to guess the correct sequence before the temporary security code expired.
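Added example, not Dashlane's code: a server-side check that caps failed guesses per issued code, the control that makes the enumeration described above impractical. The six-digit length, five-failure cap, 300-second lifetime and every name here are assumptions; the article states none of them.

```python
import hmac
import secrets

CODE_DIGITS = 6          # assumption: the article does not give the code length
MAX_FAILURES = 5         # assumption: wrong guesses tolerated per issued code
CODE_TTL_SECONDS = 300   # assumption: lifetime of an issued code


class OtpChallenge:
    """One issued code, bound to a single device-registration attempt."""

    def __init__(self, now):
        self.code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self.expires_at = now + CODE_TTL_SECONDS
        self.failures = 0
        self.burned = False

    def verify(self, submitted, now):
        # A burned or expired challenge never succeeds, even with the right code.
        if self.burned or now >= self.expires_at:
            return "rejected"
        if hmac.compare_digest(submitted.encode(), self.code.encode()):
            self.burned = True   # single use
            return "ok"
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.burned = True   # caller must issue a fresh code and should alert
            return "locked"
        return "wrong"


def guess_success_probability(attempts_allowed):
    """Chance that distinct guesses hit one uniformly random code."""
    space = 10 ** CODE_DIGITS
    return min(attempts_allowed, space) / space


def replay_sequential_guesses(challenge, now):
    """Constructed test traffic: feed codes in order until the verifier stops."""
    for n in range(10 ** CODE_DIGITS):
        result = challenge.verify(f"{n:0{CODE_DIGITS}d}", now)
        if result != "wrong":
            return n + 1, result
    return 10 ** CODE_DIGITS, "exhausted"


if __name__ == "__main__":
    print(replay_sequential_guesses(OtpChallenge(now=0), now=1))
    print(guess_success_probability(MAX_FAILURES), guess_success_probability(10 ** 6))
```

Without the cap, a client that can submit the whole code space inside one lifetime succeeds with probability 1; with it, each issued code gives at most a 5-in-1,000,000 chance, and every "locked" result is a signal worth alerting on.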
Dashlane confirmed it has notified the roughly 20 affected customers. However, it remains uncertain whether these individuals were selected for specific reasons, such as their profession or identity. Representatives for Dashlane declined to comment when contacted for further details. The company has also not revealed whether the perpetrators identified themselves or made ransom demands.
Despite the breach, Dashlane emphasized that the stolen data is encrypted and unreadable without the customer’s master password. This master password is never stored on Dashlane’s servers in plain text and is known exclusively to the user. Nevertheless, the company warned that users who chose weak or easily guessable master passwords face a higher risk of having their vaults decrypted by attackers.
Incidents involving password managers are uncommon but can carry significant long-term repercussions. In 2022, LastPass admitted that customer vault backups were stolen in a cyberattack. Although those vaults were secured by customer-held passwords, the security standards for earlier users were less robust, allowing hackers to brute-force and guess some passwords with relative ease. Subsequent reports suggested that thieves used this access to steal cryptocurrency, likely by exploiting private keys stored in vaults whose master passwords had been cracked.
This event follows a similar warning from Australian software developer Click Studios a year prior. The company advised all users of its Passwordstate product to “reset all credentials” after hackers exploited its software update system to distribute malware to customer devices.
Source: TechCrunch




