Discord announced earlier this month that it was taking action against a cyberattack that was tracking users on a large scale and archiving messages, according to details of a report published earlier this month. According to the report by 404 Media, on some of Discord’s largest servers, even for games like Minecraft and Among Us, bots were allegedly tracking users and messages, resulting in data leaks.
Discord said of the data leak: “Our security team is diligently investigating”
According to the report, the more than 4 billion public messages collected by these bots on some of Discord’s largest servers, including user voice data, ranged up to 620 million users’ messages.
This data was then offered for sale by the now defunct website Spy.pet – for as little as $5 ($150~). The website advertised the data as being used by companies to train artificial intelligence models or “federal agents looking for a new source of intelligence.”
Discord said it had banned the accounts responsible and would take legal action:
“Our security team has been diligently investigating this activity, and we have identified and subsequently banned certain accounts that we believe are associated with the Spy.pet website. According to our investigation, these accounts had access to Discord servers where they had easy access to open or accessible invite links that anyone could join. In these spaces, these accounts only had access to the same information as any other user on these servers.”
While there is no statement from Discord that private messages or personal data shared by users on their profiles were not at risk, user safety concerns have been raised due to Spy.Pet’s owner allegedly being a member of the harassment forum Kiwi Farms.
What do you think about this Discord data leak? Please share your thoughts in the comments section.