Get all your news in one place.
100's of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Maine takes down its data breach notification portal after it is flooded by fake claims

Maine Office VRChat BleepingComputer Discord
Malware attack virus alert , malicious software infection , cyber security awareness training to protect business.
  • Maine AG’s breach reporting portal abused with fake notices impersonating Discord and VRChat
  • False reports submitted via public intake system; later confirmed hoaxes and removed
  • Portal taken offline for investigation, with companies still able to file but public access suspended

The Office of the Maine Attorney General has been forced to pull its reporting portal offline after multiple fake disclosures ended up on the website.

The breach notification portal is a public intake system for legally required data breach notices - so if an organization suffers a breach that affects Maine residents, it can submit its notification through this portal instead of sending an email or snail mail. Once submitted, the Attorney General’s office reviews the notice and usually publishes it, so the public can see confirmed incidents affecting residents.

However recently, fraudulent disclosures impersonating Discord and VRChat ended up on the platform, with the latter having to issue a statement saying the filing was submitted using a fake employee name.

Disabling the portal

Soon after, the Maine AG Office confirmed the reports, saying the fakes were submitted through the state’s reporting system.

"The Office of the Maine Attorney General has been made aware of an apparent abuse of our data breach reporting system," it was said in the statement.

"After conversations with VRChat, one of two affected companies, it has become clear that the reported data breaches were hoaxes submitted by an unknown entity unrelated to either company. These false reports have been removed from the database. We have no knowledge of any recent legitimate data breach reports from either VRChat or Discord."

To prevent similar abuse in the future, the Maine AG Office launched an investigation and temporarily disabled public access to the portal.

"We don’t have any independent knowledge of the breaches, the submitting entity fills out the information, and it goes directly onto the site. We will review the one you’ve flagged, thank you," Maine Attorney General's Office told BleepingComputer.

Companies can still submit breach notifications through the reporting service, but the general public looking for information will need to contact the Office directly.

Via BleepingComputer

Sign up to read this article
Read news from 100's of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Ben Affleck, Jennifer Lopez Divorce: Tom Cruise, Drake, and Michael B. Jordan Allegedly 'Aggressively Pursuing' J.Lo
Jennifer Lopez faces new dating rumours involving Hollywood stars after her divorce from Ben Affleck. Despite speculation, Lopez remains focused on her career and dismisses rebound claims.
International Business Times UK
International Business Times UK
'Meghan Wanted Access, Not Friendship': Inside Taylor Swift's Brutal Wedding Snub of Meghan Markle
A report has claimed that Meghan Markle was not invited to Taylor Swift's wedding, but the story remains unconfirmed and speculative.
International Business Times UK
International Business Times UK
Rochester woman drove to another state for a friend’s wedding. Then she found out the wedding was tomorrow, and she wasn’t on the list: ‘so nasty’
"I would have taken my gift and left."
We Got This Covered
We Got This Covered
License Plate Cameras Are About To Start Tracking A Lot More Than Just Your Car
A company has developed new tech that enables license plate cameras to track the gadgets you have in your pocket alongside your car.
InsideEVs
InsideEVs
Anya Taylor-Joy will make a brilliant elf assassin in Hunt for Gollum. But it’s a movie we don’t need
Andy Serkis has picked the perfect actor for the next iteration of the Lord of the Rings franchise. But if Tolkien didn’t linger over this subplot, should we?
The Guardian - UK
The Guardian - UK
Toy Story 5’s ‘Lilypad’ is an indictment of the world that birthed the ‘iPad Kid’
In the trailer for “Toy Story 5,” a little girl named Bonnie is playing with her toys when a package arrives in the mail.
The Conversation
The Conversation
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.
Download on the AppStore Get it on Google Play