Comment by stevage
7 days ago
Since the author is apparently afraid to name the organisation in question, it seems the legal threats have worked perfectly.
7 days ago
Since the author is apparently afraid to name the organisation in question, it seems the legal threats have worked perfectly.
Or maybe in the diving community, "Maltese insurance company for divers" is about as subtle as "Bird-themed social network with blue checkmarks".
I'm a diver, DAN is the only company I can name that specialises in diving insurance.
Huh, apparently they're registered in Malta, what a coincidence...
I read that entire article thinking it said driving instructor. Doesn't really change anything but it makes so much more sense that he's a part time diving instructor.
checks out with both Perplexity[0] and top Google results
[0]: https://www.perplexity.ai/search/maltese-scuba-diving-insura...
4 replies →
There's pretty much only one global insurer affiliated with dive schools, so this is spot on
well, it is. quick search revealed a name of a certain big player, although there are some other local companies whose policies can be extended to "extreme sports"
https://www.reddit.com/r/scuba/comments/1r9fn7u/apparently_a...
Bluesky?
That's a butterfly.
[flagged]
There is precisely one large, internationally well known company that offers dive insurance and is based in Malta.
They left more than enough clues to figure out that this is DAN (Divers Alert Network) Europe.
Ironically, this will garner far more attention and focus on them than if they had disclosed this quietly without threats.
If you follow the jurisdictional trail in the post, the field narrows quickly. The author describes a major international diving insurer, an instructor driven student registration workflow, GDPR applicability, and explicit involvement of CSIRT Malta under the Maltese National Coordinated Vulnerability Disclosure Policy. That combination is highly specific.
There are only a few globally relevant diving insurers. DAN America is US based. DiveAssure is not Maltese. AquaMed is German. The one large diving insurer that is actually headquartered and registered in Malta is DAN Europe. Given that the organization is described as being registered in Malta and subject to Maltese supervisory processes, DAN Europe becomes the most plausible candidate based on structure and jurisdiction alone.
Maybe.
Or maybe they took what they know to sell to the black hats.
This is legal, correct?
If you can reasonably know they're criminal? No. If you sell an exploit instead of knowledge of a vulnerability? No. If they pay you with something they stole? No.
But otherwise? Usually, yes.
[flagged]