The favored communication platform Discord is dealing with an extortion try following a major information breach at one among its third-party customer support suppliers, Zendesk.
Risk actors declare to have stolen 1.5 terabytes of delicate information, together with over 2.1 million government-issued identification images used for age verification.
Whereas Discord confirms the breach, it disputes the dimensions of the incident, stating that roughly 70,000 customers had their ID images uncovered.
The breach, which occurred on September 20, 2025, didn’t compromise Discord’s personal servers however as an alternative focused its buyer help programs managed by the third-party vendor.
The attackers reportedly gained entry for 58 hours by compromising the account of a help agent employed by an outsourced enterprise course of supplier.
A infamous cybercrime group generally known as Scattered Lapsus$ Hunters (SLH) has claimed duty, taunting the corporate publicly whereas making an attempt to safe a ransom.
The compromised info is in depth and primarily impacts customers who interacted with Discord’s Buyer Help or Belief & Security groups.
The stolen information consists of names, Discord usernames, e-mail addresses, and restricted billing particulars corresponding to cost kind and the final 4 digits of bank card numbers. Moreover, messages exchanged with customer support brokers and person IP addresses had been uncovered.
Essentially the most alarming side of the breach is the theft of government-ID pictures, corresponding to driver’s licenses and passports, which had been submitted by customers to enchantment age-related account restrictions.
The attackers declare to own 2,185,151 of those images, a determine Discord has labeled as “inaccurate” and a part of the extortion effort. The hackers allege the info haul impacts 5.5 million distinctive customers throughout 8.4 million help tickets.
In distinction, Discord maintains that its investigation has recognized round 70,000 affected customers globally whose IDs could have been uncovered.
Discord has acknowledged it won’t pay the ransom demanded by the cybercriminals. Upon discovering the incident, the corporate instantly revoked the compromised vendor’s entry to its ticketing system and terminated its partnership with them.
Chat, we’re cookedDiscord is being extorted by the individuals who compromised their Zendesk instanceThey’ve obtained 1.5TB of age verification associated images. 2,185,151 photostl;dr 2.1m Discord customers drivers license and/or passport may be leaked. Unknown variety of e-mails— vx-underground (@vxunderground) October 8, 2025
Discord has launched an inside investigation, engaged a number one laptop forensics agency, and is collaborating with legislation enforcement and information safety authorities to handle the assault.
The corporate is within the means of notifying all affected customers through e-mail from the tackle [email protected] and has warned customers that it’ll not contact them via some other channel concerning this matter.
The notification e-mail will specify if a person’s authorities ID was a part of the compromised information. Discord has assured its neighborhood that the breach didn’t expose full bank card numbers, passwords, or personal messages and exercise exterior of buyer help interactions.
This incident highlights the rising menace of provide chain assaults, the place attackers goal much less safe third-party companions to entry the info of bigger organizations.
The incident is ongoing, and the complete influence will depend upon whether or not the menace actors comply with via on their menace to launch the stolen information.
Cyber Consciousness Month Provide: Upskill With 100+ Premium Cybersecurity Programs From EHA’s Diamond Membership: Be a part of In the present day
