A knowledge breach at a third-party customer support supplier has uncovered the non-public knowledge of some Discord customers, together with names, e mail addresses, and a small variety of scanned government-issued picture IDs.
The incident didn’t compromise Discord’s essential methods, and the unauthorized entry was restricted to knowledge dealt with by the corporate’s help groups.
Discord introduced that it not too long ago found an unauthorized get together had gained entry to its buyer help ticketing system by compromising considered one of its third-party service distributors.
The corporate clarified that this was not a direct breach of Discord’s personal servers. The attacker’s objective was reportedly to extort a monetary ransom from the corporate. As quickly because the incident was detected, Discord instantly revoked the compromised supplier’s entry to its methods to forestall additional unauthorized exercise.
The corporate has since launched an inner investigation, engaged a number one pc forensics agency to help, and is collaborating with legislation enforcement businesses.
Discord Knowledge Breach
The information uncovered within the breach pertains to customers who interacted with Discord’s Buyer Assist or Belief & Security groups. The compromised info could embrace full names, Discord usernames, e mail addresses, and different contact particulars offered throughout help interactions.
Restricted billing info, equivalent to fee kind, buy historical past, and the final 4 digits of a bank card quantity, was additionally probably accessed.
Moreover, the breach included consumer IP addresses and the content material of messages exchanged with customer support brokers. Crucially, a small variety of customers who had submitted government-issued picture IDs like driver’s licenses or passports for age verification functions had these delicate paperwork uncovered.
Discord has assured customers that full bank card numbers, CCV codes, non-public platform messages, and account passwords weren’t concerned on this incident.
In response to the assault, Discord has notified related knowledge safety authorities and is actively reviewing the safety controls of its third-party suppliers. The corporate is within the strategy of contacting all impacted customers immediately by way of e mail.
These official notifications might be despatched from the deal with [email protected]. Discord has warned customers that it’s going to not contact them by cellphone relating to this matter and suggested them to be cautious of potential phishing makes an attempt.
Impacted customers are inspired to stay vigilant and scrutinize any suspicious messages or communications they obtain.
Discord has emphasised its dedication to consumer privateness and is taking additional steps to audit its third-party methods to make sure they meet the corporate’s safety requirements and forestall related incidents sooner or later.
Observe us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.
