Password manager Dashlane suspends customer accounts amid brute-force attacks

Engineers' weekends ruined as Dashlane's automatic protections kicked in

Password manager Dashlane has disabled a number of user accounts as a precaution amid a spate of brute-force attacks.

It didn't specify the scale of the attack, although scores of users have queried the reason for receiving emails informing them of account suspensions.

“Your account has been temporarily suspended for security reasons as someone has attempted to register a new device and didn't enter the correct token after several tries,” the emails read, along with instructions to contact customer support to restore access.

The attacks began on Sunday afternoon and the Dashlane team said it had finished investigating the matter later that evening, restoring all affected user accounts in the process, according to its status page.

In a copy-paste statement sent to a number of users via social media, Dashlane also confirmed there was no compromise of internal systems.

Dashlane posted an update to its status page on Monday morning, repeating the same statement from a day earlier, but changing the incident status from "resolved" to "monitoring."

Several users reported unauthorized login attempt notifications from various countries - the common culprits being Korea and Russia. Dashlane did not specify whether any attempts on customer accounts were successful.

Dashlane’s interventions involved suspending accounts and its two-factor authentication (2FA) service. Some users reported trying to access Dashlane’s 2FA one-time passcodes, but when entering them, all that returned was an error.

Some criticised the company for a lack of public comms about the attacks. Aside from the direct account suspension emails and some replies to users on social media, Dashlane has not disclosed the attack through any high-visibility channels.

Users also queried whether the initial account suspension emails were a phishing attempt. But the emails showed no hallmarks of phishing as they contained no suspicious links, no attachments and were sent from a real Dashlane domain. 

However, the nature of the message and the fact that the emails contained an old Dashlane logo only exacerbated some customers’ fears.

The Register has contacted Dashlane for more information. ®


