Brute Force Attacks Lock Dashlane Users Out of Their Accounts

Recently, multiple users of the popular password management service, Dashlane, found themselves locked out of their accounts due to brute-force attacks. These attacks involved unauthorized login attempts from remote locations and unfamiliar devices.

In response to these security breaches, Dashlane suspended the affected accounts as a precautionary measure to prevent potential account hijacking. Jordan Fylolenko, Dashlane’s Senior Director of Corporate Communications, confirmed that the affected accounts have since been unsuspended.

Fylolenko reassured users that Dashlane’s systems were not compromised during the attack and that their team is actively working to enhance security measures to protect customers.

Concerned Dashlane users took to Reddit to report receiving suspicious access requests from foreign countries, prompting them to verify their accounts with access codes for new devices.

Many users were puzzled by these requests as they had not initiated them and questioned if they were part of a phishing scheme targeting Dashlane users.

In response to user concerns, Dashlane clarified that the security measures were triggered by brute-force attacks aimed at gaining unauthorized access to user accounts through repeated password attempts.

Secure platforms like Dashlane implement safeguards such as rate limiting, CAPTCHA challenges, and account lockouts to thwart automated attacks after a certain number of failed login attempts.

According to Dashlane’s status page, the incident was investigated on May 31 and resolved later that day, with all affected accounts being unsuspended.

Subsequent updates on June 1 confirmed that the situation was under control, with Dashlane monitoring the incident closely and implementing additional security measures.

Despite Dashlane’s assurances that the issue was resolved, some users continued to experience login difficulties and reported unresponsive customer support.

When contacted for further details about the incident, Dashlane did not provide a response at the time of publication.

Automated pentesting tools offer valuable insights but may not fully test the effectiveness of your security controls. Learn about the 6 critical areas you need to validate to ensure your network’s security.

Download Now