If I were sitting on a big pile of valuable data I was legally forbidden from selling - perhaps to a rogue state willing to pay big bux for it - I might be tempted to engineer a "breach" for plausible deniability. Oops! These things happen!
UPDATED Following notes from several readers, we followed up directly with VRChat on Thursday at 1945 GMT and they told us that the Maine Attorney General's office apparently posted a fake breach report.
According to an email from VRChat's head of community, Charles Tupper, "VRChat did not submit this Notice of Data Incident, and the employee/email cited does not exist. We have no reason to believe that our data or systems have been compromised. We are in the process of contacting the Maine Attorney General's office to have this removed."
In an effort to get to the bottom of this, The Register dialed the phone number on the report as well, but it connected to a line that is not in service. We also tried emailing the address on the report and got no reply. We could find no record of a Scott Caruso affiliated with VRChat.
We apologize for the error, but generally speaking, government data breach reports are considered reliable. The fakers apparently even created a false notice that VRChat ostensibly sent to customers!
If anybody knows who filed this apparently fake report and why, get in touch through our contact page, or through our secure tipline.
Tinfoil hat:
If I were sitting on a big pile of valuable data I was legally forbidden from selling - perhaps to a rogue state willing to pay big bux for it - I might be tempted to engineer a "breach" for plausible deniability. Oops! These things happen!
El Reg has retracted the story;
UPDATED Following notes from several readers, we followed up directly with VRChat on Thursday at 1945 GMT and they told us that the Maine Attorney General's office apparently posted a fake breach report.
According to an email from VRChat's head of community, Charles Tupper, "VRChat did not submit this Notice of Data Incident, and the employee/email cited does not exist. We have no reason to believe that our data or systems have been compromised. We are in the process of contacting the Maine Attorney General's office to have this removed."
In an effort to get to the bottom of this, The Register dialed the phone number on the report as well, but it connected to a line that is not in service. We also tried emailing the address on the report and got no reply. We could find no record of a Scott Caruso affiliated with VRChat.
We apologize for the error, but generally speaking, government data breach reports are considered reliable. The fakers apparently even created a false notice that VRChat ostensibly sent to customers!
If anybody knows who filed this apparently fake report and why, get in touch through our contact page, or through our secure tipline.