Exclusive: What Happened? A dispute between NightLion Security and Astoria Company Escalates
A DataBreaches.net exclusive:
It is not uncommon for a firm to deny allegations that they have been breached. It is not uncommon for a firm to acknowledge that there has been a breach but claim that it is not as dramatic as a researcher might claim.
And it is not uncommon for researchers to receive legal threat letters concerning their claims, as this blogger is all too painfully aware.
But in my experience, it is uncommon that months after a breach claim, the controversy is escalating instead of coming closer to resolution. But that is precisely appears to be what is happening between NightLion Security and Astoria Company LLC.
In a new report, What Happened? DataBreaches.net discusses a disputed breach report.
There are two main parts to the report. There is the issue of whether the data are real and whether this was a small breach or a massive breach in scope. And then there is the issue of what happened when DataBreaches.net attempted to investigate and validate claims made to this site by NightLion Security’s CEO, Vinny Troia.
May 6: Updated and Revised: The report that originally appeared has been revised to reflect that I may have misinterpreted Telegram’s answer to me and that I am awaiting an answer to follow-up questions sent to them. Other material was deleted as inappropriate.
The revised report has now been split into two parts, both pdf files:
When a response from Telegram is received, the report will be updated and an updated version will be linked from here.
Related: A copy of Astoria’s data breach notification, submitted to the Massachusetts Attorney General’s Office, has been uploaded to this site, here. On April 27, they notified 70 consumers nationwide, based on the sample of data that they had received and that they had confirmed came from their system. Whether they will be notifying millions more remains to be seen.