CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 14, 2026

Maine Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings

Cybersecurity News Archived Jun 14, 2026 ✓ Full text saved

The Office of the Maine Attorney General has temporarily taken its public-facing data breach reporting database offline after discovering that an unknown entity submitted fabricated breach notifications targeting two major online platforms, VRChat and Discord, in what officials are calling a deliberate abuse of the state’s breach disclosure system. On June 12, 2026, the Maine […] The post Maine Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings appeared first on Cyb

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security Maine Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings By Guru Baran June 14, 2026 The Office of the Maine Attorney General has temporarily taken its public-facing data breach reporting database offline after discovering that an unknown entity submitted fabricated breach notifications targeting two major online platforms, VRChat and Discord, in what officials are calling a deliberate abuse of the state’s breach disclosure system. On June 12, 2026, the Maine Attorney General’s office issued a formal statement confirming that the reported data breaches involving VRChat and Discord were hoaxes. The false filings were submitted by an unidentified third party with no affiliation to either company. After direct conversations with VRChat, one of the two named organizations, officials confirmed the notifications were entirely fabricated. Both fraudulent entries have since been removed from the public database. Breach Reporting Portal Offline According to earlier reporting, one fake filing claimed that Discord suffered an “insider wrongdoing” incident that exposed the personal data of more than 10 million users, while a separate filing alleged VRChat leaked data on approximately 2.4 million users signed by an employee who does not exist. Neither company filed those reports. Maine’s breach notification law is among the strictest in the United States a company must notify the AG’s office even if just one Maine resident is affected by a breach. This low threshold has made Maine’s public portal a go-to reference for security researchers, journalists, and class-action attorneys seeking early breach disclosures. Critically, the AG’s office has acknowledged that submissions flow directly from the online reporting form onto the public portal without independent verification. This open-access design, while intended to ensure transparency and timely public disclosure, created an exploitable gap that the unknown actor leveraged to plant false information on an authoritative government website. The Maine AG’s office has taken the public-facing breach database offline while it reviews internal procedures to prevent future abuse, while still preserving public access to legitimate breach data. In the interim, entities required to file breach reports can continue doing so through the office’s online reporting service, and those needing information from existing reports can contact the AG’s Consumer Protection Division directly. This incident highlights a systemic vulnerability in self-reported, auto-published government compliance portals. Security professionals and journalists should treat all portal entries as unverified until confirmed directly by the affected company. Real large-scale breaches typically generate corroborating coverage across multiple independent outlets, official company advisories, or legal filings a fake entry rarely produces all three simultaneously. The identity of the individual or group behind the fraudulent submissions remains unknown, and no arrests have been reported as of the time of publication. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News Ivanti Endpoint Manager Mobile Vulnerability Enables Remote Code Execution Attacks New Browser-in-the-Browser Phishing Attack to Steal Microsoft 365 Logins Critical Redis RCE Vulnerability Enable Attackers to Gain Complete Control to Host Server 21 0-Day Vulnerabilities in FFmpeg Enables Remote Code Execution Attacks Internet Explorer WebBrowser Control Attack Chain Turns Clicks Into RCE Latest News AI New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From a Hacker’s Server Cyber Security BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers Cyber Security News Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication Cyber Security Anthropic Fable 5 and Mythos 5 Access Blocked to All Users Following Government Directive Cyber Security News Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 14, 2026
    Archived
    Jun 14, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗