Password manager Dashlane confirmed attackers managed to download encrypted vaults belonging to roughly 20 users by targeting large numbers of accounts to raise their odds of success. Security researchers criticized the advisory as opaque — omitting key details about scope and method — leaving users unable to assess their exposure, a notable failure of breach-disclosure transparency.