Password manager Dashlane responded to what it called a “brute force attack by an external party” over the weekend, following multiple users reporting issues logging in or receiving suspicious emails.
The incident began and ended on 31 May, with initial reports first emerging around 3pm UTC.
“We have received reports from several users having received an email that their account has been suspended. We have also received reports that some users are experiencing difficulties in logging in to Dashlane after resetting their master password,” Dashlane said in its first status notification.
The company said it was investigating the issue, with its engineering teams working to establish the cause for most of the rest of the day.
“We are treating this with the highest priority and will provide further updates here as soon as more information becomes available,” the company said in its second update.
Finally, at around 10:30pm UTC, the company said the issues were the result of malicious activity.
“We can confirm that certain Dashlane user accounts were targeted in a brute force attack by an external party, resulting in the suspension of those accounts as part of Dashlane’s built-in security measures. The affected accounts have now been unsuspended,” Dashline said.
Our team is actively engaged in this issue and taking measures to address it. There is no evidence of compromise of Dashlane’s systems.”
The equivalent of 10:30 pm UTC is 80:30am Australian Eastern Standard Time.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.