Find notable cyber news and cases, enriched with sources, timelines, and signals.

Dashlane personal-plan users' encrypted vault exposure

Data Leak
First reported
Last updated
Happening score
H score 26
1 unique sources, 1 articles

Summary

Hide ▲

On May 31, 2026, Dashlane disclosed that an external brute-force account attack led to encrypted vaults being downloaded for fewer than 20 personal-plan users, creating a limited but concrete exposure of sensitive stored data. The attack attempted to bypass 2FA and add new devices to existing accounts. Dashlane said affected users were notified and that vault contents still depend on the Master Password for access.

Related Happenings

Instagram High Touch Support password reset security flaw

Vulnerability
H score40 First: 08.06.2026 09:00 Last: 08.06.2026 09:00 Sources 1

About this happening: Meta's High Touch Support (HTS) flaw enabled attackers to trigger Instagram password resets, creating account-takeover risk for over 20,000 users and weakening protect...

Meta AI-powered support tools abused in Instagram account recovery flow

Security Tool/Service
H score26 First: 02.06.2026 18:47 Last: 02.06.2026 18:47 Sources 1

About this happening: Instagram accounts were hijacked after attackers abused Meta’s AI-powered support tools to pass recovery checks and change the recovery email, creating a direct failure in...

Dashlane password manager account lockouts from brute-force attacks

Service Disruption
H score12 First: 01.06.2026 21:17 Last: 01.06.2026 21:17 Sources 1

How related: the high volume of attempts on those accounts triggered temporary account suspensions and authentication issues due to its built-in security controls.

About this happening: Dashlane experienced a temporary account-access disruption after brute-force login attempts triggered security lockouts for some users. The affected accounts were late...

Instagram accounts for Obama White House hit by account takeover attack

Incident
H score40 First: 01.06.2026 20:32 Last: 01.06.2026 20:32 Sources 1

About this happening: The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced after attackers abused Meta’s AI supp...

Bitwarden LastPass Dashlane and 1Password vault compromise flaws security flaw

Vulnerability
H score41 First: 16.02.2026 19:15 Last: 16.02.2026 19:15 Sources 1

About this happening: Bitwarden, LastPass, Dashlane and 1Password were found to have cloud password manager vulnerabilities that could let an attacker view, change, recover, or delete vault p...

Timeline

  1. 02.06.2026 06:55 1 articles · 1mo ago

    External brute-force attack downloads encrypted vaults from fewer than 20 Dashlane personal-plan accounts

    Victim Impact Update

    An external threat actor launched brute-force attacks against certain Dashlane user accounts on May 31, 2026, aiming to break 2FA protections and register new devices on existing accounts. Dashlane said the high volume of attempts triggered temporary account suspensions and authentication issues, and that in a handful of cases attackers downloaded copies of encrypted vaults belonging to fewer than 20 personal-plan users.

    Show sources
  2. 02.06.2026 06:55 2 articles · 1mo ago

    Dashlane discloses encrypted vault exposure affecting fewer than 20 personal-plan users

    Initial Disclosure

    Dashlane disclosed that fewer than 20 personal-plan users had encrypted vaults downloaded after the brute-force attack and said affected users were directly notified. The company added that users who did not receive a vault-risk message had no impact to their Dashlane account, and that its internal systems were not impacted.

    Show sources