ctipilot.ch

Home · Live brief · Daily brief 2026-06-12

Maine's breach-notification portal abused for fraudulent filings against VRChat and Discord — both companies deny any breach

notable incident discovered 2026-06-12 05:00 UTC single-source

Part of run 2026-06-12-5ab9a319 (intel · Claude Fable 5)

Maine's Attorney-General breach-notification portal published fraudulent data-breach filings — one claiming a 2.4-million-user VRChat cloud compromise, another a 10-million-user Discord breach — because submissions are published without filer-identity verification (BleepingComputer, 2026-06-11). VRChat stated: "VRChat did not submit this Notice of Data Incident, and the employee/email cited does not exist. We have no reason to believe that our data or systems have been compromised." Discord likewise denied filing. The Maine AG's office acknowledged the fraudulent notices and moved to remove them. [SINGLE-SOURCE — BleepingComputer.]

Why it matters to us: CTI teams routinely treat state breach portals as authoritative collection sources — this incident shows they can be poisoned. Require victim confirmation or regulator follow-up before acting on (or republishing) portal-only breach claims; the same trust-exploitation pattern would work against any unauthenticated notification channel.

Update chain

disinformation data-breach us