Overview

• Attackers compromised a customer-support vendor’s ticketing system rather than Discord’s own infrastructure.
• Data potentially exposed includes names, emails, IP addresses, billing details such as payment type and the last four digits of cards, purchase history, and support messages with attachments.
• A small number of government ID images used for age verification were involved, but full card numbers, security codes, passwords, and broader Discord activity were not.
• Discord revoked the vendor’s access, opened an internal investigation with external forensics, notified law enforcement, and is emailing affected users with guidance, noting it will not call and will communicate from [email protected].
• The company has not named the contractor or disclosed the number of affected users, describing the total as limited following a late‑September intrusion and an extortion demand.