Your password manager just had encrypted vaults stolen. That’s not a near-miss.

Dashlane disclosed this week that attackers successfully downloaded encrypted password vaults belonging to fewer than 20 users via a brute-force attack. Dashlane notes the vaults remain encrypted and there’s no evidence of successful decryption. Most organizations reading this will breathe a sigh of relief and move on.
That’s the wrong reaction.
What happened: attackers specifically targeted the password manager infrastructure: not individual accounts, but the vault store itself. They now have offline brute-force access to those vaults. Unlimited time. No rate limiting. No account lockout. The only protection is the strength of the master password and the encryption implementation.
The risk isn’t just for those 20 users. The real issue here is a question most security teams haven’t answered: what is your organization’s response policy when an employee’s password vault is confirmed exfiltrated?
If you’re running Dashlane Teams or Business (and many DACH mid-market companies are), this is a mandatory policy question, not a monitoring alert. An exfiltrated encrypted vault is a ticking clock, not a resolved incident.
What to do next: Rotate master passwords immediately for any affected accounts and enforce minimum length and complexity at the organizational level; Dashlane enforces nothing by default. Require hardware security keys (not just TOTP) as the second factor for vault access. Brute-force resistance drops to near-zero if the master password is the only layer. Draft a vault-exfiltration response playbook now, before you need it. Define the threshold: what triggers a full credential rotation across all services in the vault?
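One way to turn the offline-guessing exposure and the rotation threshold above into a planning estimate for the playbook. This is an added example, not code from Dashlane or from the original post; the guess rate, the tier names and the day thresholds are assumptions to replace with your own figures.

```python
import math

# ASSUMPTION: attacker throughput in master-password guesses per second
# against the vault's key-derivation function. A planning figure only, not a
# measurement of any vendor's KDF; replace it with your own benchmark.
ASSUMED_GUESSES_PER_SEC = 1e6
SECONDS_PER_DAY = 86_400

def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random secret: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)

def days_to_half_keyspace(bits, guesses_per_sec=ASSUMED_GUESSES_PER_SEC):
    """Expected days until an offline attacker has tried half the keyspace."""
    return 2 ** (bits - 1) / guesses_per_sec / SECONDS_PER_DAY

def rotation_tier(bits, user_chosen=False,
                  guesses_per_sec=ASSUMED_GUESSES_PER_SEC):
    """Map an exfiltrated vault to a playbook action.

    The stolen copy stays encrypted under the old master password, so a new
    master password does not protect it; only rotating the credentials
    stored inside the vault does. Tiers and thresholds are assumptions.
    """
    # A human-chosen master password cannot be credited with uniform-random
    # entropy, so the estimate is only an upper bound: treat it as urgent.
    if user_chosen:
        return "rotate-all-now"
    days = days_to_half_keyspace(bits, guesses_per_sec)
    if days < 30:
        return "rotate-all-now"
    if days < 365 * 10:
        return "rotate-all-within-30-days"
    return "rotate-on-schedule"

# Constructed sample policies: (label, length, alphabet size, user-chosen?)
SAMPLE_POLICIES = [
    ("6 random lowercase letters", 6, 26, False),
    ("8 random alphanumerics", 8, 62, False),
    ("6 random diceware words", 6, 7776, False),
    ("6 words picked by the user", 6, 7776, True),
]

if __name__ == "__main__":
    for label, length, alphabet, chosen in SAMPLE_POLICIES:
        bits = entropy_bits(length, alphabet)
        print(f"{label}: {bits:.1f} bits -> {rotation_tier(bits, chosen)}")
```
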
Password managers protect every credential in your organization. They are now primary attack targets. Treat the manager itself as critical infrastructure.

