76West is an unparalleled competition focused on growing entrepreneurs and attracting resources from the U.S. and around the world to build clean energy businesses and jobs in New York State’s Southern Tier region.
- Grow NY (https://www.grow-ny.com/)
- 43 North (https://www.43north.org/)
From the perspective of an attacker this data (see pic) is probably the most interesting. Financial(ish) data on businesses along with what appears to be email/message data.
— Nathaniel Fried (@Nattyfried)
We could not get conformation from the business that they have contacted those impacted…
3/3 pic.twitter.com/5INRDoR2QB
This breach is of particular interest due to the nature of the data breached.
According to TurgenSec’s responsible notice (found here), the data breached ranged from standard PII (name, email, phone) to the entries submitted to the startup competitions, judging criteria, results and even tax information of entrants.
Screenshot from TurgenSec responsible disclosureTurgenSec issued the following request to Skild:
“We encourage Skild to submit the breached data to digital forensics specialists to ascertain the extent of this data breach.
We also encourage Skild to inform any relevant regulatory body, especially if there are UK or EU citizens data contained within the breach, as these should be reported to the local regulator (ICO in the UK). And to issue a public disclosure of this data breach explaining how this datastore breach occurred, including the full extent of what was breached so that the impacted companies, entrants, judges and host organisations can take the necessary steps to protect themselves.”
