"The compromised user information includes names, usernames, email addresses, contact information, billing information, IP addresses, messages exchanged with customer service agents, and limited corporate data. For users who appealed age determination, government ID images were also compromised, Discord notes. The platform says no financial information, Discord activity and messages, or passwords and other authentication data was compromised in the incident."
"Discord has started notifying the affected users via email, has notified the relevant authorities, reviewed its threat detection systems, and took steps to address the data breach. "This included revoking the customer support provider's access to our ticketing system, launching an internal investigation, engaging a leading computer forensics firm to support our investigation and remediation efforts, and engaging law enforcement," the company explains."
The breach affected only users who contacted Discord Customer Support or Trust & Safety through a third-party provider. Compromised data included names, usernames, email addresses, contact and billing details, IP addresses, messages exchanged with agents, limited corporate data, and government ID images submitted for age verification. No financial information, Discord activity, messages, passwords, or authentication data were exposed. Discord revoked the provider's ticketing access, opened an internal investigation, engaged a digital forensics firm and law enforcement, notified affected users and authorities, and reviewed threat detection systems. The company did not disclose the provider identity, incident timing, or total number of affected users.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]