Discord has confirmed that one of its third-party customer service providers was compromised by an “unauthorized party” in an attempted extortion scheme.
The breach exposed information from a limited number of users who had contacted Discord’s Customer Support or Trust & Safety teams.
According to the company, potentially exposed data includes names, usernames, email addresses, and the last four digits of credit card numbers. In some cases, a “small number” of government ID images submitted for age-verification appeals were also accessed. Discord emphasized that full credit card numbers and user passwords were not affected, and the unauthorized party did not gain access to Discord’s own systems.
The company says it has revoked the compromised provider’s access to its ticketing system, notified relevant data protection authorities, and is cooperating with law enforcement. Impacted users are being contacted directly via email, with specific notices if ID images were involved. Discord also noted it has strengthened monitoring and security controls for third-party support providers following the incident.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
