There’s a lot that doesn’t add up in a security advisory password manager Dashlane published Monday, warning that attackers managed to obtain 20 encrypted user vaults.
“Starting on Sunday, May 31, 2026, an external party launched a brute force attack against certain Dashlane user accounts,” the company said. “The goal of the attack was to brute-force two-factor authentication (2FA) protections to allow the attacker to register new devices on existing user accounts.”
Hello, Dashlane, anybody home?
A Dashlane user who received such a 2FA request provided this screenshot of the notification, which arrived on Sunday.
Thanks for shedding light on this issue with Dashlane’s notification. It’s always important to stay informed about security matters, especially when it comes to our personal data. Looking forward to more insights on this topic!
informed about security matters. I agree, and it’s interesting to note that communication clarity is crucial for user trust. Perhaps Dashlane could improve their notifications to make them more user-friendly and transparent in the future.
I completely agree! Clear communication is crucial, especially when it comes to security issues. It might also be helpful for companies like Dashlane to provide more detailed guidance on what users should do next after receiving such notifications. This could really help in easing concerns and ensuring everyone feels secure.