The organization is reaching out to users affected by the breach via email.
The organization is reaching out to users affected by the breach via email.
A third-party customer service provider associated with Discord was breached by an “unauthorized entity,” the company reports. The unauthorized entity obtained “information from a limited number of users who had reached out to Discord via our Customer Support and/or Trust & Safety divisions” with the intention to “extort a financial payment from Discord.” The unauthorized entity “did not gain access to Discord directly.”
Details that could have been accessed due to the breach include elements such as names, usernames, email addresses, and the last four digits of credit card numbers. The unauthorized entity also accessed a “small number” of images of government identification from “users who had disputed an age decision.” Full credit card numbers and passwords were not compromised in the incident, according to Discord.
The company is currently informing affected users via email. If your ID may have been accessed, Discord will indicate that. Furthermore, Discord states it has terminated the support provider’s access to its ticketing system, has alerted data protection authorities, is collaborating with law enforcement, and has evaluated “our threat detection systems and security controls for third-party support providers.”
