Key Takeaways
1. Around 70,000 Discord users may have had their government identification compromised due to a security incident.
2. The breach occurred through a third-party service used for customer support, affecting users who contacted the Customer Support or Trust & Safety teams.
3. Discord has cut off the vendor’s access to its ticketing system and is investigating the incident with law enforcement.
4. Affected users will be notified via email from Discord, with no phone calls made to protect victims.
5. As companies require IDs for service, users are exploring ways to protect themselves, including using VPNs, although some sites block these IP addresses.
Discord has disclosed the possible scale of its recent security incident. The firm announced in an updated press release that around 70,000 users of its platform might have had their government identification compromised.
Breach Details
This data breach follows Discord’s move to join a rising number of tech firms that are requiring their customers to verify their age by submitting their driver’s licenses or government IDs. The platform has set up a process where users must upload selfies when they are reported for being underage.
As per Discord, the breach happened via an unnamed third-party service that assists with its customer support. Only those users who had interacted with the Customer Support or Trust & Safety teams are impacted. The company also clarified that only the customer data shared with these teams was at risk.
Official Statement
The statement partially reads, “Recently, we found an incident where an unauthorized party accessed one of Discord’s third-party customer service providers. The unauthorized party then obtained information from a limited number of users who reached out to Discord through our Customer Support and/or Trust & Safety teams.”
Discord has cut off the vendor’s access to its ticketing system while it investigates the situation along with law enforcement.
Compromised Data
The official announcement mentions that the following customer data could be compromised:
Discord is reaching out to affected users who will receive an email from [email protected]. The company cautions that no phone calls will be made to protect unaware victims.
As more companies strive to meet local legal demands by requiring IDs for service access, many users are considering ways to safeguard themselves against such breaches. Some have turned to VPNs to hide their real locations, although several well-known websites already block IP addresses linked to VPNs.
Source:
Link
Leave a Reply