Maine disables data breach notification portal after fake disclosures

Key Points:

• Maine's data breach notification portal has been disabled following the submission of fraudulent breach disclosures impersonating companies like Discord and VRChat.
• The incident highlights vulnerabilities in the reporting system, allowing misinformation to spread and potentially damaging company reputations. No legitimate breaches were reported by the affected companies.
• Security teams should review their incident reporting processes and consider implementing stricter verification measures to prevent similar abuses in the future.

Technical Details: The fraudulent disclosures were submitted using fictitious employee names, demonstrating a lack of verification in the breach reporting process.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned