Popular communication platform Discord has confirmed a data breach involving one of its third-party customer service providers. The company said that an "unauthorized party" accessed data from a limited number of users who had contacted Discord's Customer Support and/or Trust & Safety teams. The attacker reportedly sought to extort a financial ransom from Discord but did not gain direct access to the platform itself.
The data compromised in the breach includes usernames, email addresses, and last four digits of credit card numbers. A small number of government-issued ID photos from users who had appealed an age determination were also accessed by the unauthorized party.
However, Discord has clarified that full credit card numbers and passwords were not affected by this security incident.
Following the data breach, Discord is notifying affected users via email. If the ID of any user was possibly accessed in the breach, Discord will specifically mention that in its communication.
The company has also revoked access to its ticketing system from the support provider involved in this incident and reported the matter to data protection authorities.
In addition to notifying affected users and revoking access, Discord is also working closely with law enforcement agencies to investigate the breach. The company has reviewed its threat detection systems and security controls for third-party support providers in light of this incident.
These measures are part of Discord's commitment to maintaining user trust and ensuring data security on its platform.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
