HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

Brute‑Force Attack Triggers Temporary Account Lockouts for Dashlane Users

Dashlane reported that an external brute‑force campaign targeted user accounts, activating automatic device‑registration safeguards and resulting in temporary lockouts and 2FA failures. No evidence of system compromise was found, but the incident underscores service‑availability and credential‑security concerns for third‑party risk managers.

LiveThreat™ Intelligence · 📅 June 01, 2026· 📰 helpnetsecurity.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
helpnetsecurity.com

Brute‑Force Attack Causes Temporary Account Lockouts for Dashlane Users

What Happened – Dashlane confirmed that an external actor performed a credential‑brute‑force campaign against user accounts, triggering the service’s automated device‑registration safeguards and resulting in temporary account suspensions and 2FA failures. The issue was first reported on May 31 2026 and was marked “resolved” but remains under monitoring.

Why It Matters for TPRM

  • Service‑availability risk for any organization that relies on Dashlane for password‑management.
  • Potential for credential‑replay attacks if attackers obtain valid tokens during lockout cycles.
  • Highlights the need to verify third‑party MFA resilience and incident‑communication processes.

Who Is Affected – SaaS‑based password‑manager users across all sectors (technology, finance, healthcare, etc.).

Recommended Actions

  • Verify that your organization’s Dashlane accounts have MFA enabled and review device‑registration policies.
  • Conduct a short‑term audit of login‑failure alerts and lockout thresholds.
  • Engage Dashlane account managers to obtain post‑mortem details and any hardening recommendations.

Technical Notes – The attack leveraged repeated invalid token submissions during device registration, activating Dashlane’s built‑in lockout logic. No vulnerability (CVE) was disclosed, and Dashlane reported no evidence of system compromise. Affected components: email notification service and 2FA token validation. Source: https://www.helpnetsecurity.com/2026/06/01/dashlane-brute-force-attack-user-accounts/

📰 Original Source
https://www.helpnetsecurity.com/2026/06/01/dashlane-brute-force-attack-user-accounts/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Could you prove your access controls held up here?

Credential and access failures map directly to SOC 2 access-control criteria. The Verisq AI Trust Operations platform shows where your evidence is thin before an auditor — or an attacker — finds out.

Explore the Verisq AI Trust Operations platform →