Dashlane Suspends Accounts Due to Brute Force Attack
Severity: Medium (Score: 48.9)
Sources: Theregister, Feeds2.Feedburner
Keywords: brute, password, manager, dashlane, accounts, amid, attack
Summary
Password manager Dashlane has temporarily suspended several user accounts in response to a series of brute force attacks that began on May 31, 2026. Users received emails stating their accounts were suspended due to incorrect token entries during device registration attempts. The company has not disclosed the scale of the attack or whether any accounts were successfully breached. Dashlane confirmed that its internal systems were not compromised and is currently monitoring the situation. Users reported unauthorized login attempts from various countries, primarily Korea and Russia. The company has faced criticism for its lack of communication regarding the incident, with some users questioning the legitimacy of the suspension emails. Dashlane has also suspended its two-factor authentication service as part of its response. All affected accounts were restored by the evening of the attack's onset.
Key Points:
- Dashlane suspended user accounts due to a brute force attack starting May 31, 2026.
- Users received emails about account suspensions linked to incorrect token entries.
- The company confirmed no internal system compromise but faced criticism for communication.
Detailed Analysis
**Impact** Dashlane users experienced temporary account suspensions due to brute force attacks targeting login authentication. The exact number of affected accounts is unspecified, but multiple users reported receiving suspension emails and unauthorized login attempt notifications from countries including Korea and Russia. No internal system compromise or confirmed successful account breaches were reported. The incident caused operational disruption through disabled accounts and 2FA service errors, impacting user access globally.
**Technical Details** The attack consisted of brute force attempts to register new devices on user accounts, in which the correct two-factor authentication token was not entered after multiple tries. The attack began on May 31 and was investigated and mitigated by Dashlane the same day, though monitoring continued. No malware, CVEs, or specific attack infrastructure details were disclosed. Indicators of compromise include repeated failed 2FA token entries and login attempts originating from IPs in Korea and Russia.
**Recommended Response** Defenders should monitor for repeated failed login attempts and unusual geographic access patterns, particularly from Korea and Russia. Users should be advised to verify account suspension notifications directly through official channels to avoid phishing confusion. Organizations using Dashlane should ensure 2FA mechanisms are functioning correctly and review authentication logs for anomalies. No specific patches or IOCs were provided for direct blocking.
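
The monitoring recommended above, sketched as an added example (not Dashlane's code and not from the source articles): it flags accounts with repeated failed device-registration token entries inside a sliding window and reports the source countries seen. The log format, field names, threshold and window are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical key=value format (not Dashlane's).
SAMPLE_LOG = """\
2026-05-31T09:14:02Z account=alice@example.com event=device_registration_token result=fail ip=203.0.113.10 country=KR
2026-05-31T09:14:40Z account=alice@example.com event=device_registration_token result=fail ip=203.0.113.10 country=KR
2026-05-31T09:15:10Z account=alice@example.com event=device_registration_token result=fail ip=198.51.100.7 country=RU
2026-05-31T09:16:00Z account=alice@example.com event=device_registration_token result=fail ip=198.51.100.7 country=RU
2026-05-31T09:00:00Z account=carol@example.com event=device_registration_token result=fail ip=192.0.2.9 country=FR
2026-05-31T09:30:00Z account=carol@example.com event=device_registration_token result=fail ip=192.0.2.9 country=FR
2026-05-31T10:00:00Z account=carol@example.com event=device_registration_token result=fail ip=192.0.2.9 country=FR
truncated line without the expected fields
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) account=(?P<account>\S+) event=(?P<event>\S+) "
    r"result=(?P<result>\S+) ip=(?P<ip>\S+) country=(?P<country>[A-Z]{2})$"
)

def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # malformed lines are skipped, not fatal
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return rec

def detect_token_bruteforce(log_text, threshold=3, window=timedelta(minutes=10)):
    """Map each account with >= threshold failed device-registration token
    entries inside one sliding window to the peak count, countries and IPs."""
    events = sorted(filter(None, map(parse_line, log_text.splitlines())),
                    key=lambda r: r["ts"])
    recent, alerts = defaultdict(deque), {}
    for rec in events:
        if rec["event"] != "device_registration_token" or rec["result"] != "fail":
            continue
        q = recent[rec["account"]]
        q.append(rec)
        while rec["ts"] - q[0]["ts"] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and len(q) > alerts.get(rec["account"], {}).get("failures", 0):
            alerts[rec["account"]] = {
                "failures": len(q),
                "countries": sorted({r["country"] for r in q}),
                "ips": sorted({r["ip"] for r in q}),
            }
    return alerts
```

With the default 10-minute window only the burst against the first account is flagged; the three failures spread over an hour on the second account stay below the threshold until the window is widened.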
Source articles (2)
- Password manager Dashlane suspends customer accounts amid brute — Theregister · 2026-06-01
Password manager Dashlane has disabled a number of user accounts as a precaution amid a spate of brute force attacks. It didn't specify the scale of the attack, although scores of users have queried t…
- Brute — Feeds2.Feedburner · 2026-06-01
Password manager Dashlane has confirmed that a brute-force attack targeting user accounts triggered temporary account suspensions and authentication issues. The company first acknowledged the incident…
Timeline
- 2026-05-31 — Brute force attacks began: Dashlane reported a series of brute force attacks targeting user accounts, leading to temporary suspensions.
- 2026-05-31 — Users notified of account suspensions: Affected users received emails stating their accounts were suspended due to security reasons related to failed token entries.
- 2026-06-01 — Dashlane updates incident status: Dashlane changed the incident status from 'resolved' to 'monitoring' on its status page, indicating ongoing evaluation.
Related entities
- Brute Force (Attack Type)
- Dashlane (Tool)
- Korea (Country)
- Russia (Country)
- T1110 - Brute Force (MITRE ATT&CK)