HomeEverythingEducation
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
Story archiveAll categories
← All Stories

Dashlane: Attackers downloaded fewer than 20 encrypted vaults

Created at 4 Jun · 5:58 AM2 sources↑ Market-relevant2 events
IN SHORT

Dashlane reported that attackers downloaded fewer than 20 encrypted password vaults before its systems shut down the operation. The attackers abused the device enrollment mechanism and used brute-force attacks on API endpoints.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

fewer than 20personal user vaults downloaded
six-digittoken length for identity verification

Who's Involved

Dashlane
Password manager provider that experienced a security breach
unknown threat actor
Attacker who initiated the campaign against Dashlane users

↳ Why This Matters

While the number of compromised vaults is small, this incident highlights a sophisticated attack vector targeting password manager security mechanisms, potentially eroding user trust and demonstrating the need for continuous vigilance against evolving cyber threats.

Key facts

  • Attackers downloaded fewer than 20 encrypted password vaults from Dashlane.
  • The attack targeted Dashlane's device enrollment mechanism.
  • Attackers used brute-force methods on API endpoints for device registration.
  • Dashlane's security systems triggered account lockouts.
  • The campaign began on Sunday and was mitigated by Thursday.

Password manager Dashlane has detailed how attackers managed to download fewer than 20 encrypted password vaults in a coordinated campaign. The attackers exploited Dashlane's device enrollment process, targeting API endpoints for device registration and employing brute-force attacks to generate valid tokens. Dashlane's automated security systems detected the activity and initiated account lockouts, but not before the threat actor successfully accessed and downloaded a small number of encrypted vaults. The campaign, which began on Sunday, was mitigated by Thursday. This incident underscores the persistent threats to sensitive user data stored in password managers and the sophisticated methods employed by malicious actors.

Frequently asked questions

Fewer than 20 personal user vaults were downloaded by the attackers before the operation was shut down.

Attackers abused Dashlane's programming interfaces for device enrollment, specifically targeting API endpoints for device registration.

Dashlane's automated security systems triggered an automatic lockout of targeted accounts to protect users.

The attackers used a brute-force attack to send a large volume of automated requests to the device registration API endpoints.

What Happens Next

01Dashlane is continuing to investigate the full scope of the breach.
02Dashlane is implementing further measures to enhance security against similar attacks.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

4 Jun · 8:02 PM
Dashlane revealed attackers used a device enrollment API and brute force to download fewer than 20 encrypted password vaults.
Ars Technica via PiQSuite
4 Jun · 5:17 AM
Dashlane announced a brute-force attack on May 31 that compromised some user vaults, with hackers accessing account information.
NDTV via PiQSuite

Sources

T1
Dashlane Reveals Hackers Stole Some Users' Vaults Using Brute-Force Attacksm.piqsuite.com
T1
Dashlane explains how attackers managed to download encrypted password vaultsm.piqsuite.com

Related Stories

AssuranceAmerica Data Breach Exposes Millions of Driver's Licenses
8 Jul · 4:35 PM
Thousands of routers bricked after Australian government program ends
8 Jul · 6:15 PM
Linux KVM vulnerability allows VM escape, root access
8 Jul · 7:05 PM
Lawsuit: Grok user created 7K child sex images; xAI accused of obstructing probe
8 Jul · 8:05 PM
SpaceXAI Launches Grok 4.5 AI Model, Intensifying Rivalry with OpenAI
8 Jul · 11:00 AM