"Discord has revealed the theft of around 70,000 government-issued ID photos in a recent data breach. The platform was targeted by cybercriminals who compromised one of Discord's third-party vendors. The vendor in question provided customer support services, including age verification, which requires a photo ID displaying the user's date of birth -- a mechanism launched in response to new age verification laws imposed in the UK, which is being followed in the EU, Australia, and some US states."
"The company said the cyberattack's overall aim was to use the stolen data as leverage to secure a "financial ransom." In a security advisory, Discord was keen to emphasize that the data breach didn't occur at Discord -- a messaging platform popular with gamers that has amassed approximately 200 million users worldwide -- but instead through the third-party. Discord has not revealed the exact number of users embroiled in the data breach, beyond saying that the government-issued photo IDs of 70,000 users were exposed."
A third-party customer support vendor for Discord was compromised, exposing roughly 70,000 government-issued ID photos submitted for age verification. The vendor handled age checks introduced under UK laws and mirrored in the EU, Australia, and some US states, requiring photo IDs with dates of birth. Stolen support data may include names, Discord usernames, emails, contact details, limited billing and purchase histories, and messages with support representatives. Full credit card numbers, CCV codes, and authentication data like passwords were not exposed. Attackers sought a financial ransom, and Discord emphasized the breach occurred at the third-party vendor, not within Discord's systems.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]