Catalin Cimpanu reports:
A threat actor has hacked the website of the Principality of Sealand, a micronation in the North Sea, and planted malicious code on its web store, which the government is using to sell baron, count, duke, and other nobility titles.
Called a “web skimmer,” the malicious code allowed the hackers to collect user and payment card details for anyone who purchased products, such as nobility titles, from the country’s online store.
Read more on The Record.
So while the whole principality seems somewhat laughable, what data breach notification laws actually apply here? Will the principality be mailing out breach notices to all customers?