Dashlane Confirms Brute Force Attack Targeting User Accounts
On 31 May, password manager Dashlane responded to a brute force attack by an external actor after users reported login difficulties and suspicious account suspension emails. The incident began around 3:00 PM UTC, with initial reports of failed logins and password reset issues prompting an investigation by Dashlane’s engineering team.
By 10:30 PM UTC, Dashlane confirmed that a subset of user accounts had been targeted in the attack, triggering automated security measures that temporarily suspended affected accounts. The company stated that the accounts were later unsuspended and that no evidence of a system-wide breach was found.
Dashlane attributed the disruptions to its built-in security protocols, which activated in response to the brute force attempts. The attack did not compromise Dashlane’s internal systems, and the company continues to monitor the situation.
Dashlane TPRM report: https://www.rankiteo.com/company/dashlane
"id": "das1780280615",
"linkid": "dashlane",
"type": "Cyber Attack",
"date": "5/2026",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'customers_affected': 'Subset of user accounts',
'industry': 'Cybersecurity (Password Management)',
'name': 'Dashlane',
'type': 'Company'}],
'attack_vector': 'Brute Force',
'customer_advisories': 'Users notified of login difficulties and account '
'suspensions',
'date_detected': '2024-05-31T15:00:00Z',
'date_publicly_disclosed': '2024-05-31T22:30:00Z',
'description': 'On 31 May, password manager Dashlane responded to a brute '
'force attack by an external actor after users reported login '
'difficulties and suspicious account suspension emails. The '
'incident began around 3:00 PM UTC, with initial reports of '
'failed logins and password reset issues prompting an '
'investigation by Dashlane’s engineering team. By 10:30 PM '
'UTC, Dashlane confirmed that a subset of user accounts had '
'been targeted in the attack, triggering automated security '
'measures that temporarily suspended affected accounts. The '
'company stated that the accounts were later unsuspended and '
'that no evidence of a system-wide breach was found. Dashlane '
'attributed the disruptions to its built-in security '
'protocols, which activated in response to the brute force '
'attempts. The attack did not compromise Dashlane’s internal '
'systems, and the company continues to monitor the situation.',
'impact': {'customer_complaints': 'Login difficulties and suspicious account '
'suspension emails',
'operational_impact': 'Temporary account suspensions',
'systems_affected': 'User Accounts'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Dashlane Incident Report'}],
'response': {'communication_strategy': 'Public disclosure and user advisories',
'containment_measures': 'Automated security measures (account '
'suspensions)',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Accounts unsuspended, monitoring '
'ongoing'},
'threat_actor': 'External Actor',
'title': 'Dashlane Confirms Brute Force Attack Targeting User Accounts',
'type': 'Brute Force Attack'}