Overview

• The intrusion hit an external customer service provider, and Discord says its own systems were not accessed.
• Exposed data may include names, emails, usernames, IP addresses, support messages and attachments, limited billing details, and a small number of government ID images from age-appeal reviews.
• Discord revoked the vendor’s ticketing access, hired a forensics firm, and notified law enforcement and data protection authorities.
• Attackers attempted to extort a ransom; the company has not disclosed how many users are affected, describing the group as limited to those who contacted Customer Support or Trust & Safety.
• Researchers report the breach occurred on September 20 and some outlets name a specific vendor and threat group, but Discord has not confirmed the date, the provider, or any attribution.