Discord, a messaging platform with over 200 million users predominately among gamers, has reported a potential leak of official ID photos belonging to approximately 70,000 users following a cyber-attack. The breach did not involve any unauthorized access to the Discord platform itself; rather, it targeted a third-party firm responsible for age verification.
Users can submit ID photos to confirm their ages on Discord, which serves as a communication hub for gamers to converse and share files. The compromised data could include personal information, partial credit card details, and messages exchanged with Discord’s customer service representatives. However, full credit card information, passwords, and user activity unrelated to customer support interactions were not affected, according to the company.
Discord has notified all users whose information may have been implicated and is collaborating with law enforcement to investigate the incident. In response to the breach, Discord has revoked access for the third-party customer support provider involved, although the company has not disclosed its name. A representative from Zendesk, the customer service software utilized by Discord, stated that its systems remained secure and that no vulnerabilities in its platform led to the breach.
Despite some online speculation suggesting the extent of the data breach might be greater than reported, a Discord spokesperson labeled such claims as inaccurate and part of attempts to extort payment, asserting that the company will not comply with these demands. The incident highlights the ongoing issue of cybercriminals targeting personal data, which can be sold for significant sums on the black market. Sensitive information like full names and official ID numbers retains its value over time, unlike some financial details.
Previously, Discord had enhanced its age verification protocols in response to concerns regarding the distribution of inappropriate content on its platform.
Source: https://www.bbc.com/news/articles/c8jmzd972leo?at_medium=RSS&at_campaign=rss