Password manager Dashlane has disclosed that « fewer than » 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party.
On May 31, 2026, the company said an « external » threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor authentication (2FA)