Password manager Dashlane says hackers stole some customers’ password vaults
Key takeaways
- Password manager maker Dashlane says hackers have obtained at least a dozen encrypted vaults used for storing customer passwords during a weekend cyberattack.
- The company said on its website that hackers brute-forced the company s two-factor authentication system, granting the hackers access to about 20 customer accounts.
- Dashlane said on its incident page that there was no evidence of compromise of its own systems, but it has not yet said how the hackers were able to defeat its two-factor protections in order to access customer accounts.
Password manager maker Dashlane says hackers have obtained at least a dozen encrypted vaults used for storing customer passwords during a weekend cyberattack.
The company said on its website that hackers brute-forced the company s two-factor authentication system, granting the hackers access to about 20 customer accounts. By defeating its two-factor mechanism, the hackers were able to download a copy of certain customers encrypted vaults, which store their passwords and other sensitive credentials.
Dashlane said on its incident page that there was no evidence of compromise of its own systems, but it has not yet said how the hackers were able to defeat its two-factor protections in order to access customer accounts. Two-factor is a security feature that protects accounts from being accessed with just a stolen username and password, typically by requiring an additional passcode to be sent to the phone of the account holder.