Dashlane: Encrypted vaults downloaded for fewer than 20 users

On May 31, 2026 Dashlane reported that an external threat actor launched a high-volume brute-force campaign against certain user accounts. The apparent goal was to defeat two-factor authentication and register new devices on existing accounts.

The company said the volume of attempts triggered temporary account suspensions and authentication issues while security controls responded. Dashlane restored access to impacted accounts after addressing the activity.

Dashlane confirmed attackers were able to download copies of encrypted vaults for fewer than 20 users on the personal subscription plan. Each affected customer received direct notification. “We have directly notified each of these users,” the company wrote.

The downloaded vaults remain encrypted and require a user’s Master Password to be opened. Dashlane said that unless a Master Password is trivial or highly predictable, attempts to decrypt the data are unlikely to succeed. The firm also reported that its internal systems were not affected.

Dashlane recommended that users review devices registered to their accounts and remove any they do not recognize, enable two-factor authentication if they have not, and choose a long, unique Master Password. “If you’re a Dashlane user and have not received a message from Dashlane specific to vault risk, there is no impact to your Dashlane account,” the company added.

Dashlane did not disclose how many accounts were targeted in total or identify the attacker. The company noted that built-in protections, including temporary account suspensions triggered by high-volume attempts, helped limit the scope of the incident.