
Discord Data Breach Exposed in Third-Party Hack

Summary

– Discord experienced a ransomware attack where hackers accessed customer data through a compromised third-party customer service provider.
– The breach affected a limited number of users who contacted customer support, exposing names, email addresses, and partial billing information.
– Sensitive data like government ID images and internal corporate materials were accessed, but no passwords or full credit card details were compromised.
– Discord has notified law enforcement and is contacting impacted users via email, while revoking the third-party’s system access.
– This incident highlights the growing risk of third-party breaches, with cybersecurity experts noting such attacks are increasingly common in 2025.

A recent security incident at Discord has exposed sensitive user information following a breach at an external customer service provider. The popular social platform confirmed that a ransomware operator infiltrated its third-party support system, gaining access to customer data in what appears to be a financial extortion attempt. This event highlights the growing cybersecurity risks associated with third-party vendors who handle confidential user information.

Discord’s investigation revealed that the unauthorized access affected a limited group of users who had previously interacted with customer support or trust and safety teams. The compromised information includes customer names, Discord usernames, email addresses, and various contact details. Additionally, partial billing information, such as payment methods and the final four digits of credit card numbers, was exposed.

Further data potentially accessed by the threat actors includes user IP addresses, the content of messages exchanged with support agents, and a small collection of government-issued identification images. These ID documents were submitted by users during age verification appeals. The hackers also obtained internal corporate materials, including training documents and company presentations.

Discord is currently notifying affected individuals via email sent from the official noreply@discord.com address. The company emphasized that it will not use alternative communication methods like phone calls for these security alerts. While the exact number of impacted accounts remains undisclosed, Discord serves over 200 million active users monthly worldwide.

Importantly, the platform clarified that complete credit card numbers, CVV security codes, user passwords, and authentication credentials were not compromised. The breach was confined to customer service interactions, meaning personal messages and activities within Discord servers remained secure. Law enforcement agencies and data protection authorities have been informed about the incident.

In response to the breach, Discord immediately revoked the compromised third-party provider’s access to its support ticketing system. The company has also initiated a comprehensive review of security protocols governing all external service providers. Cybersecurity experts note that third-party vulnerabilities present significant challenges for organizations. As Jake Moore, ESET’s global cybersecurity advisor, observed, “These external weaknesses are frequently harder to monitor yet contain sensitive data, making them attractive targets for cybercriminals.”

This incident joins a series of high-profile data breaches throughout 2025 stemming from compromised third-party IT suppliers. Notorious hacking collectives like Scattered Spider and ShinyHunters have been connected to similar attacks, often employing social engineering tactics to obtain privileged access credentials.

(Source: Info Security)
