The popular communication platform Discord has confirmed a security breach in which user data was leaked. According to the company’s statement, the breach occurred not directly on Discord’s own systems, but through a third-party customer service provider. This particularly impacted users who had contacted the platform’s support department. The company announced that it has begun sending email notifications to affected users.
The attackers reportedly aimed to demand a ransom from Discord. While the attackers were unable to directly access the company’s servers, they exploited a vulnerability in its partner’s systems to access data containing customer support requests. This incident highlights the critical importance of large companies overseeing not only their own security systems but also the security standards of the third-party companies they work with.
Discord: Some users’ credentials were also leaked
The data affected by the breach includes users’ names, Discord usernames, email addresses, and the last four digits of credit cards. More importantly, it was reported that scanned official ID documents were also obtained for a small number of users who uploaded their ID photos to the system for age verification. Discord reassured users by emphasizing that users’ full credit card numbers and passwords were not affected by the breach.
Following the incident, Discord announced that it revoked the relevant service provider’s access to the system and reported the situation to legal authorities. Despite the access ban in our country, the platform is known to be heavily used through methods like VPNs. Therefore, the data breach has the potential to directly impact users in Turkey.
So, what are your thoughts on this data breach? Were you using Discord despite the ban? Share your thoughts in the comments.
{{user}} {{datetime}}
{{text}}