## Discord Reveals Data Breach via Third-Party Vendor Affecting Around 70,000 Users
Discord, the popular VoIP and instant messaging social platf...
Discord, the popular VoIP and instant messaging social platform, has recently disclosed a data breach resulting from unauthorized access to a third-party customer service provider. The incident is believed to have exposed the data of approximately 70,000 users, including email addresses, contents of customer service messages, and attachments.
The breach occurred when a threat actor gained unauthorized...
The breach occurred when a threat actor gained unauthorized access to the support ticket queue of a third-party vendor used by Discord. This unauthorized access allowed the threat actor to view sensitive information, although the exact nature and extent of the data accessed are not fully detailed. Discord has emphasized that the breach did not result from a direct attack on its own systems but rather through the compromised account of a third-party support agent.
As soon as Discord became aware of the incident, the company...
As soon as Discord became aware of the incident, the company took swift action to mitigate the damage. The compromised account was immediately deactivated, and a thorough malware check was conducted on the affected machine. Additionally, Discord collaborated with the affected third-party provider to enhance their cybersecurity practices and prevent similar incidents in the future.
The breach highlights the risks associated with third-party...
The breach highlights the risks associated with third-party vendors and the importance of robust security measures across all partners in the digital ecosystem. Although Discord believes the risk from this breach is limited, the company has advised affected users to remain vigilant for potential phishing attempts or suspicious activity.
Discord has not officially named the third-party vendor invo...
Discord has not officially named the third-party vendor involved in the breach, but speculation suggests it might be Zendesk, a well-known provider of customer support software. The company's proactive response and communication with affected users demonstrate its commitment to transparency and customer security.
This incident serves as a reminder for all businesses to tho...
This incident serves as a reminder for all businesses to thoroughly assess and secure their supply chains, ensuring that third-party vendors meet stringent security standards. As digital platforms continue to grow and rely on external services, the potential for third-party breaches will remain a significant concern.
In response to the breach, users are advised to monitor thei...
In response to the breach, users are advised to monitor their accounts closely and report any suspicious activity. Discord's emphasis on improving security practices with its partners underscores the company's dedication to protecting user data and preventing future incidents.
🔄 Updated: 10/9/2025, 10:00:08 PM
Following Discord's recent revelation that a third-party vendor breach exposed the government IDs of approximately 70,000 users, the company's parent entity, Discord Inc., has not seen significant immediate stock price movements. However, the broader market concern over data security could potentially impact the technology sector in the coming days. While specific stock price details are not available due to Discord not being publicly traded, the incident highlights ongoing cybersecurity challenges in the tech industry.
🔄 Updated: 10/9/2025, 10:10:11 PM
Discord has confirmed a data breach impacting approximately 70,000 users globally, after attackers compromised a third-party support vendor’s systems—not Discord’s own infrastructure—used to review government ID submissions for age verification appeals[2]. The incident, detected in early October 2025 but with attackers accessing data as early as September 20, involved unauthorized access to sensitive documents, including government-issued ID photos, but did not extend to user messages or account activity beyond what was shared with support teams[2][5]. Discord immediately revoked the vendor’s access, launched forensic investigations, and is notifying affected users directly by email, emphasizing that official communications will only come from noreply@discord.com[2].
🔄 Updated: 10/9/2025, 10:20:13 PM
Discord confirmed on October 8, 2025, that a breach by hackers at a third-party customer support vendor exposed approximately 70,000 users’ government-issued ID photos, along with names, email addresses, and contact details, primarily affecting those who had interacted with its Customer Support or Trust & Safety teams regarding age verification appeals[3][4]. In a statement, Discord stressed “this was not a breach of Discord, but rather a third-party service we use to support our customer service efforts,” adding that it has immediately revoked the vendor’s access, launched internal and forensic investigations, and is cooperating with law enforcement[4]. There is no immediate public regulatory action or government statement about the breach, but Discord’s compliance with
🔄 Updated: 10/9/2025, 10:30:10 PM
Following Discord's announcement of a data breach via a third-party customer service vendor affecting around 70,000 users' government ID photos, the market response has been muted with no significant stock price fluctuations reported as of October 9, 2025. Despite the sensitive nature of the exposed data, investors appeared to factor in Discord's swift action to revoke vendor access and ongoing cooperation with law enforcement, which may have helped stabilize market confidence. No concrete trading volumes or price changes were publicly disclosed in the immediate aftermath of the incident[1].
🔄 Updated: 10/9/2025, 10:40:10 PM
Discord disclosed a data breach involving a third-party customer service vendor that exposed government ID photos of approximately 70,000 users worldwide, primarily those who had communicated with Customer Support or Trust & Safety teams[2]. The breach, attributed to the hacker group Scattered Lapsus$ Hunters, occurred over 58 hours starting September 20, 2025, compromising 1.6 terabytes of data and prompting Discord to revoke vendor access, notify law enforcement, and contact affected users via email[1][2]. Discord emphasized that no passwords, full credit card data, or user messages were accessed and affirmed, “We will not reward those responsible for their illegal actions” while reinforcing the global focus on mitigating third-party risks[1].
🔄 Updated: 10/9/2025, 10:50:11 PM
## Latest Update: Discord Data Breach via Third-Party Vendor
Discord has confirmed that a breach of a third-party customer service provider exposed roughly **70,000 users’ government ID photos**, which the vendor used to review age-related appeals—no Discord core systems, passwords, or private messages were accessed[2][3]. The unauthorized access, attributed to the hacker group Scattered Lapsus$ Hunters, began on **September 20, 2025**, lasted about 58 hours, and resulted in the theft of approximately **1.6 terabytes of data**, including support tickets and partial payment information[1]. Discord has **revoked the vendor’s access**, launched a forensic investigation, and is directly emailing affected users
🔄 Updated: 10/9/2025, 11:00:16 PM
Discord has confirmed a data breach impacting approximately 70,000 users after an unauthorized party accessed a third-party customer support provider’s systems, exposing government ID photos submitted for age-related appeals[2]. The incident, which did not compromise Discord’s core systems, involved the hacker group Scattered Lapsus$ Hunters (SLH), who claim to have stolen 1.6 terabytes of data—including support tickets, partial payment data, and ID images—over a 58-hour period starting September 20, 2025[1]. Discord swiftly revoked the vendor’s access, notified law enforcement, and is directly emailing affected users from noreply@discord.com, emphasizing that no in-app messages, passwords, or
🔄 Updated: 10/9/2025, 11:10:16 PM
Discord revealed a data breach via a third-party vendor that exposed government ID photos of approximately **70,000 users globally** who had interacted with its Customer Support or Trust & Safety teams, but confirmed no passwords or in-app messages were compromised[1][2]. The breach, traced to a compromised support-agent account of an outsourced provider, prompted Discord to revoke vendor access immediately, notify law enforcement, and begin contacting affected users internationally via email[2]. Discord emphasized its commitment to transparency and security, stating, “We will not reward those responsible for their illegal actions” amid ongoing investigations involving global authorities[1][2].
🔄 Updated: 10/9/2025, 11:20:14 PM
Discord confirmed on October 8, 2025, that roughly 70,000 users had government-issued ID photos exposed after a cyberattack targeted a third-party customer service vendor handling age verification appeals—not Discord’s own systems[1][3]. “This was not a breach of Discord, but rather a third-party service we use to support our customer service efforts,” Discord spokesperson Nu Wexler told The Verge, as the company alerted affected users via email and severed ties with the compromised vendor[1][3]. While Discord has not disclosed specific regulatory actions, the breach spotlights growing pressure on platforms to implement “robust” age verification under laws like the UK’s, raising fresh concerns about the risks of storing sensitive
🔄 Updated: 10/9/2025, 11:30:14 PM
Following Discord’s confirmation that around 70,000 users had their government ID photos exposed due to a breach at a third-party vendor, the company announced it is working closely with law enforcement agencies to investigate the incident, emphasizing prompt cooperation with regulatory authorities[3]. Discord has also revoked the compromised vendor’s access and engaged forensic experts to support the inquiry, reflecting compliance with data protection regulations related to sensitive user information[3][4]. No specific regulatory fines or formal government sanctions have been reported yet, but the ongoing investigation suggests active regulatory scrutiny.
🔄 Updated: 10/9/2025, 11:40:14 PM
Discord has confirmed that a breach at a third-party customer service vendor—not their own systems—exposed about 70,000 users’ government-issued ID photos, used to verify age-related appeals, with the incident impacting those who communicated with Discord’s Customer Support or Trust & Safety teams[2]. The unauthorized access, detected in late September 2025, originated from a compromised support agent account at the vendor, leading to potential exposure of support tickets, partial payment data, and ID images, though no core Discord user messages or authentication credentials were accessed[1]. Discord states, “We immediately revoked the customer support provider’s access to our ticketing system…[and] are in the process of emailing the users impacted,”
🔄 Updated: 10/9/2025, 11:50:14 PM
Discord revealed a data breach through a third-party vendor’s compromised customer support system, exposing government ID photos of around **70,000 users worldwide** who contacted Discord’s Customer Support or Trust & Safety teams[2]. The breach, traced to an outsourced provider’s compromised account, led Discord to revoke the vendor’s access immediately and is under active investigation with law enforcement involvement[2]. Discord emphasized no direct breach of its core systems occurred and urged affected users to watch for official email notifications from *noreply@discord.com* while condemning the attackers’ ransom demands[1][2].
🔄 Updated: 10/10/2025, 12:00:17 AM
**Breaking News Update**: Discord has confirmed that a recent data breach through a third-party vendor compromised the personal data of around 70,000 users, including government-ID photos. The breach, which occurred between September 20 and 28, 2025, involved unauthorized access to Discord's Zendesk instance via a compromised support-agent account linked to an outsourced vendor[1][2]. Discord has emphasized, "We will not reward those responsible for their illegal actions," and is actively working with law enforcement to investigate the incident[1][2].
🔄 Updated: 10/10/2025, 12:10:18 AM
In the wake of Discord's recent data breach, experts are questioning the security measures of third-party vendors, emphasizing the need for tighter controls over data storage and access. The incident, which exposed government ID photos of approximately 70,000 users, highlights the challenges of adhering to age verification laws without compromising user privacy, as seen in the UK's Online Safety Act. Industry analysts are calling for more robust oversight and transparency in how sensitive data is handled by external partners, particularly in compliance with evolving regulations.
🔄 Updated: 10/10/2025, 12:20:20 AM
Breaking News Update: Discord has reported that a data breach, resulting from a third-party vendor being compromised, has exposed the data of approximately 70,000 users. The hackers, self-identified as Scattered Lapsus$ Hunters, accessed Discord's Zendesk instance for about 58 hours starting on September 20, 2025, and stole 1.6 terabytes of data, including partial payment information and ID images[1][2]. Discord emphasized its commitment to security, stating, "We will not reward those responsible for their illegal actions," and has taken immediate action by revoking the vendor's access and engaging law enforcement[1][2].