Password manager Dashlane has disclosed how attackers successfully downloaded encrypted password vaults from its users by targeting large numbers of accounts to increase odds of success.
Dashlane published a detailed explanation of the breach affecting a portion of its user base, clarifying the mechanics of how attackers obtained encrypted vault files.
The company confirmed that attackers used a brute-force approach, targeting many user accounts simultaneously. This mass-scale strategy allowed them to bypass security measures through sheer volume, increasing the statistical likelihood of gaining access to at least some accounts.
The attackers downloaded encrypted password vaults—files containing usernames, passwords, and other sensitive data stored in encrypted form. However, Dashlane emphasized that the vaults remain encrypted and inaccessible without the master password.
"The attackers obtained encrypted vault files, not plaintext passwords," Dashlane stated in its explanation. The company stressed that its encryption architecture means stolen vaults alone cannot expose user credentials unless attackers successfully crack the encryption or obtain master passwords through other means.
Dashlane recommended affected users reset their master passwords and enable two-factor authentication. The company also suggested users monitor their accounts for suspicious activity and change passwords for critical accounts accessed through the platform.
The password manager did not disclose the exact number of users impacted or provide a precise timeline for when the breach occurred. Dashlane has been working with security researchers and law enforcement to investigate the incident.
This breach highlights the ongoing security risks even for password managers, which face significant pressure from attackers seeking to compromise high-value targets. While Dashlane's encryption provided a protective layer, the compromise of encrypted vaults—even without immediate decryption—represents a security incident that could pose risks if attackers gain computational resources to crack encryption or obtain additional information.
Acer is addressing two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. The company is developing patches to resolve the security flaws.
Dental benefits administrator DentaQuest suffered a data breach exposing sensitive information for 2.6 million accounts. The incident compromises customer data handled by one of the largest dental benefits providers in the U.S.
The Windows version of Hola Browser has been targeted in a supply chain attack that injected an undeclared cryptocurrency miner into the application. Researchers identified the malicious executable embedded within the browser distribution.
Cisco has disclosed a high-severity zero-day vulnerability in its Catalyst SD-WAN Manager that attackers are actively exploiting to gain root-level access. The flaw remains unpatched.