Key Takeaways
- The Discord data breach exposed approximately 70,000 government-issued ID photos through a compromised third-party customer service vendor.
- No passwords, complete credit card information, or normal platform messages were accessed in the incident.
- Discord is working with law enforcement, is notifying affected users, and will not pay the ransom to the hackers.
Third-Party Security Failure Impacts User Privacy
A significant Discord data breach has potentially exposed government-issued identification photos of approximately 70,000 users, the platform confirmed this week. The incident originated not from Discord’s internal systems but from a compromised third-party customer service vendor used for age verification appeals.
This Discord data breach represents one of the most severe privacy incidents for the platform, as the documents involved contain permanent personal identifying information that, unlike credit card numbers, cannot be changed.
Limited But Sensitive Information Compromised
While the Discord data breach was contained to customer service interactions, the exposed data includes names, Discord usernames, email addresses, partial credit card digits, and the sensitive government ID images submitted for age verification. The platform (widely used by crypto communities) has stated that no passwords, full payment information, or regular user messages were accessed. Discord disabled the vendor’s access to its system, began a forensic investigation to assess and quantify the data breach, and is cooperating with law enforcement regarding the attempted extortion.
Contradictory Reports and Transparency
The confirmed Discord data breach of 70,000 IDs comes amid conflicting online reports suggesting a larger compromise or leak of over 2 million images. Discord has firmly denied these claims, characterizing them as part of a ransom attempt.
This incident draws attention to the privacy risk that comes with age verification requirements introduced under government regulations like the Online Safety Act in the UK. Collecting identifying data creates new targets for cyber criminals, despite assurances that the data would be handled securely.
FAQs
How did the Discord data breach occur?
The hackers infiltrated a third-party customer service vendor that Discord employs to handle age verification appeals, not Discord’s own systems.
What should affected users do?
So far, Discord is reaching out to affected users from the email address noreply@discord.com and advises users to stay vigilant against phishing attempts.
Will Discord pay the ransom?
The company has stated it “will not reward those responsible for their illegal actions,” indicating no ransom will be paid.