Brute‑Force Attacks Lock Out Dashlane Password‑Manager Users, Prompt Temporary Account Suspensions
What Happened — An external actor launched automated brute‑force login attempts against Dashlane accounts from foreign IP locations. Dashlane’s built‑in security controls automatically suspended the targeted accounts, which were later unsuspended after investigation.
Why It Matters for TPRM —
- Credential‑guessing attacks against a SaaS password manager can expose downstream enterprise accounts that rely on stored passwords.
- Automated lock‑out responses may disrupt business operations and raise support‑capacity concerns for vendors.
- Lack of public detail on the number of affected accounts makes risk quantification difficult for third‑party assessments.
Who Is Affected — Technology‑SaaS providers, enterprises using Dashlane for password management, and any downstream services that depend on compromised credentials.
Recommended Actions –
- Verify that your organization’s Dashlane accounts have MFA enabled and review recent login activity.
- Update password policies to enforce strong, unique passwords and consider password‑less authentication where possible.
- Incorporate Dashlane’s incident response logs into your vendor risk monitoring program.
Technical Notes — The attack leveraged repeated password‑guess attempts (brute force) from distant locations, triggering Dashlane’s rate‑limiting, CAPTCHA, and account‑lockout mechanisms. No CVEs were disclosed, and Dashlane reported no evidence of internal system compromise. Source: BleepingComputer