Dashlane suspended and later reinstated user accounts on May 31 after detecting brute-force attacks that involved login attempts from foreign locations and unknown devices. The company confirmed the suspensions were part of an automated security response designed to protect against account hijacking.

“We can confirm that certain Dashlane user accounts were targeted in a brute force attack by an external party, resulting in the suspension of those accounts as part of Dashlane’s built-in security controls. The affected accounts have now been unsuspended.” Dashlane Senior Director of Corporate Communications Jordan Fylolenko said.

Multiple users reported being locked out of their accounts and receiving notices of suspicious access requests originating from foreign countries. The emails contained verification codes intended for legitimate account owners registering new devices, but many users were confused because they had not initiated the requests and questioned whether the messages were phishing attempts.

Dashlane responded to some Reddit threads to clarify that its systems remained secure and the account suspensions were triggered by automated attack patterns. The company’s status page shows it launched an investigation into the incident on May 31 at 15:19 UTC.

By 22:30 UTC that same day, Dashlane marked the issue as ‘RESOLVED’ and stated all affected accounts had been unsuspended. An additional update issued on June 1 at 07:32 UTC confirmed the resolved status and noted the company was monitoring the situation while implementing further targeted security measures.

“Our team is actively engaged in this issue and taking measures to further protect customers. There is no evidence of compromise of Dashlane’s systems.” Fylolenko added.

Despite the official resolution, some users continue to report login difficulties. Others have said Dashlane support has been unresponsive to their inquiries. The company has not disclosed the number of affected accounts, and requests for additional details from news outlet BleepingComputer remained unanswered as of publication.