There’s a lot that doesn’t add up in a security advisory password manager Dashlane published Monday, warning that attackers managed to obtain 20 encrypted user vaults.
“Starting on Sunday, May 31, 2026, an external party launched a brute force attack against certain Dashlane user accounts,” the company said. “The goal of the attack was to brute-force two-factor authentication (2FA) protections to allow the attacker to register new devices on existing user accounts.”
Hello, Dashlane, anybody home?
A Dashlane user who received such a 2FA request provided this screenshot of the notification, which arrived on Sunday.
Thanks for shedding light on this issue with Dashlane’s notification. It’s always important to stay informed about security matters, especially when it comes to our personal data. Looking forward to more insights on this topic!