Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

### Executive summary Dashlane disclosed a brute-force attack targeting user accounts aimed at bypassing two-factor authentication; attackers were able to download encrypted vaults for fewer than 20 personal-plan users. The company reports its internal systems were not impacted, affected users have been notified, and the encrypted vaults still require users' Master Passwords to be decrypted. Users are advised to review registered devices, enable 2FA, and use long, unique Master Passwords.