Particle.news
Download on the App Store
8 ARTICLES
·
2h ago

Discord Says Third-Party Support Breach Exposed Some User Data, Including ID Images

The company is notifying affected users, with no passwords or full credit card numbers reported exposed.

Discord hackers distribute malware that can stay persistent for months
Image
blank
Image

Overview

  • Discord reports an unauthorized actor compromised a customer support vendor on September 20, affecting a limited set of people who contacted Customer Support or Trust & Safety.
  • Exposed information includes names, usernames, email addresses, contact details, IP addresses, support messages and attachments, purchase history, and partial billing data such as payment type and last four card digits.
  • A small number of government ID images submitted for age‑verification appeals were accessed, while general private messages on the platform were not included.
  • Discord says the actor attempted to extort a ransom and did not gain direct access to Discord’s core systems, with full credit card numbers and passwords unaffected.
  • The company revoked the vendor’s access, engaged a forensics firm, notified data protection authorities, and is working with law enforcement; attribution and the provider’s identity remain undisclosed as a group calling itself Scattered Lapsus$ Hunters claims responsibility.