Menace actor HawkSec claims to be auctioning a Discord dataset comprising 78,541,207 recordsdata. The gathering, organized into messages, voice classes, actions, and servers, stems from an deserted OSINT/CSINT mission spanning a number of months.
HawkSec promoted the dataset of their Discord server, titled “Hiya Hawks Group,” saying availability for buy by way of designated channels.
Recordsdata purportedly cowl public Discord interactions, with specifics like “ME recordsdata,” voice information, and server metadata highlighted in screenshots. No pricing particulars surfaced publicly, however the actor invited inquiries for samples.
Comparable gross sales have appeared earlier than, equivalent to a 2025 itemizing of 348 million scraped messages from practically 1,000 public servers on cybercrime boards.
Researchers have additionally launched massive public datasets, equivalent to “Discord Unveiled,” which accommodates over 2 billion messages from 3,167 servers by way of Discord’s API.
Discord Breach Declare
The 78 million recordsdata counsel intensive scraping, probably focusing on Discovery-listed public servers averaging 1,200 members every. HawkSec described the trouble as initially geared toward superior intelligence instruments earlier than pivoting to commercialization.
Whereas no non-public information is confirmed, aggregated public logs elevate re-identification dangers when cross-referenced with different sources.
Discord has confronted scrutiny over public scraping; previous incidents concerned instruments like Spy.pet promoting billions of messages. Respectable educational scrapes emphasize anonymization and API compliance, not like underground gross sales.
Public Discord information can gas harassment, doxxing, or focused phishing, even and not using a breach. Customers in seen servers face amplified publicity, mirroring 2025 issues over 2 billion-message datasets sparking privateness debates. No proof ties this to Discord’s infrastructure; it aligns with API-accessible public content material.
Discord maintains that public channels are brazenly accessible, distinguishing scrapes from breaches. In 2025, a third-party vendor incident uncovered 70,000 authorities IDs by way of Zendesk, however attackers exaggerated the scope to five.5 million customers. Officers urged vigilance in opposition to phishing post-leak.
No response from Discord on HawkSec but, as of January 12, 2026. Cybersecurity specialists advocate reviewing server visibility settings and monitoring for misuse.
HawkSec’s declare stays unverified past the shared picture, underscoring ongoing threats from information commodification in gaming communities.
Observe us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.
