Discord Data Breach Exposes 70,000 Users’ Government IDs
▼ Summary
– This was not a breach of Discord itself but involved a third-party customer service provider used by Discord.
– The numbers being shared online are incorrect and part of an extortion attempt against Discord.
– Approximately 70,000 users globally may have had government-ID photos exposed through the vendor’s age-related appeal process.
– Discord will not pay those responsible for the illegal actions and has ended work with the compromised vendor.
– All affected users have been contacted, and Discord is working with law enforcement and security experts while securing the affected systems.
Following a recent security incident involving an external customer support provider, Discord has moved to clarify the situation and correct misinformation circulating online. The company emphasizes that this was not a direct breach of its own systems, but rather an issue stemming from a third-party vendor used to manage customer service operations. Discord has also refuted the scale of the incident, stating that figures being shared publicly are inaccurate and form part of an extortion attempt against the platform.
Globally, the investigation has identified around 70,000 users whose government-issued identification photos were potentially exposed. This sensitive information was in the possession of the vendor, which utilized it to process and review appeals related to user age verification. Discord has made it unequivocally clear that it will not comply with any financial demands from the individuals responsible for this illegal activity.
All users impacted by this event have now been directly notified. The platform is collaborating with law enforcement agencies, data protection authorities, and independent security specialists as the matter progresses. The compromised systems have been secured, and Discord has terminated its relationship with the affected vendor. The company reassures its community that it treats the protection of personal data with the utmost seriousness and fully acknowledges the worry such an incident can generate.
(Source: The Verge)
