Dashlane has reported that hackers managed to access their systems through a brute force attack, downloading the encrypted vaults of fewer than 20 users. The company assures that the stolen data is protected by encryption and cannot be easily read. For the general public, the risk is low, but this incident serves as a reminder of the importance of using a strong and unique master password, as well as enabling two-factor authentication for an extra layer of security.
Encryption as the last line of defense 🔒
The attack focused on specific endpoints, successfully forcing internal access credentials. Once inside, the attackers downloaded vaults encrypted with AES-256. Dashlane states that there is no evidence they managed to decrypt the content. The breach affects fewer than 20 accounts, suggesting a targeted rather than a massive attack. The company has already notified those affected and strengthened its access protocols, limiting exposure to future intrusion attempts.
Hackers take vaults... but with a padlock 🔑
Twenty Dashlane users have experienced every gambler's wet dream: someone taking their vault full of keys. The good news is that the thieves have encountered a padlock so hefty that not even an angle grinder can open it. The data is encrypted, so unless the hackers have a supercomputer and infinite patience, all they've gotten is a nice, useless file. That said, next time someone tells you their master password is 1234, remind them of this article.