TLDR
Scammers submitted fraudulent data breach disclosures to the Maine Attorney General's public portal, fabricating incidents that named VRChat (2.4M users) and Discord (10M users) without any real compromise. The portal accepts unverified...
Como funciona
Scammers submitted fraudulent data breach disclosures to the Maine Attorney General's public portal, fabricating incidents that named VRChat (2.4M users) and Discord (10M users) without any real compromise. The portal accepts unverified...
Señales de alerta
- Breach notice lists vague or inconsistent dates (e.g., discovery after notification, placeholder phone numbers, free Gmail contacts). The cited submitting employee or email does not exist at the company. Official portals accept filings without identity verification, so the appearance of a notice does not prove a real breach
Qué hacer
- 1Verify any breach notice by contacting the company through its official website, never via links or numbers in the notice itself. Check the company's own security advisory page and known reporter outlets before reacting. Treat unsolicited follow up calls
Fuente
bleepingcomputer
Fuente verificada por Mythos Forensic Team
https://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/FAQ
Es Fake data breach notices posted on Maine portal hit VRChat and Discord una estafa real?
Si. Trata el mensaje, la llamada o la solicitud de pago como sospechosos hasta que los verifiques por un canal oficial.
Cuales son las primeras senales?
Breach notice lists vague or inconsistent dates (e.g., discovery after notification, placeholder phone numbers, free Gmail contacts). The cited submitting employee or email does not exist at the company. Official portals accept filings without identity verification, so the appearance of a notice does not prove a real breach
Que debo hacer primero?
Verify any breach notice by contacting the company through its official website, never via links or numbers in the notice itself. Check the company's own security advisory page and known reporter outlets before reacting. Treat unsolicited follow up calls
Puede LegalAudit revisar mi caso?
Si. Abre el chat gratis y pega el mensaje, el enlace, el remitente o los datos de pago para un triage.