{"id":3209,"date":"2025-10-12T12:53:47","date_gmt":"2025-10-12T12:53:47","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2025\/10\/12\/discord-reveals-data-breach-following-third-party-compromise\/"},"modified":"2025-10-12T12:53:47","modified_gmt":"2025-10-12T12:53:47","slug":"discord-reveals-data-breach-following-third-party-compromise","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/10\/12\/discord-reveals-data-breach-following-third-party-compromise\/","title":{"rendered":"Discord Reveals Data Breach Following Third-Party Compromise"},"content":{"rendered":"<div>\n<p><img decoding=\"async\" src=\"http:\/\/ft365.org\/wp-content\/uploads\/2025\/06\/localimages\/32483240-27a8-4f36-ac60-9d465c05a5d5.jpg?width=64&#038;height=64&#038;mode=crop&#038;scale=both&#038;format=webp\" alt=\"Photo of James Coker\" loading=\"lazy\"><\/p>\n<\/div>\n<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>Discord has revealed it has been targeted by a ransomware actor who has accessed customer data, including proof of age ID and billing information.<\/p>\n<p>The incident was caused by the compromise of a third-party customer service provider, which has not been named.<\/p>\n<p>\u201cAn unauthorized party targeted our third-party customer support services to access user data, with a view to extort a financial ransom from Discord,\u201d the social platform wrote in a post on October 3.<\/p>\n<p>The data breach impacts a limited number of customers who had contacted Discord through its customer support and\/or trust and safety teams.<\/p>\n<p>Information potentially compromised includes customer names, Discord account usernames, email and other contact details.<\/p>\n<p>Limited billing details, such as payment type and the last four digits of credit cards were also impacted.<\/p>\n<p>Other potentially affected data includes user IP addresses, messages exchanged with customer service agents and a small number of government ID images from users who had appealed an age determination.<\/p>\n<p>Corporate data, such as training materials and internal presentations were accessed by the hackers.<\/p>\n<p>The company is in the process of contacting impacted users via email from noreply@discord.com. It has told customers that no other communication channels will be used for this purpose, such as phone calls.<\/p>\n<p>No figure has been given on the total number of users impacted by the breach. Discord has more than 200 million active users per month globally.<\/p>\n<p>Discord said that full credit card numbers or CVV codes were not included in the data accessed. No password or authentication data was compromised.<\/p>\n<p>Additionally, no messages or activity on Discord outside of communication with customer support were obtained by the attackers.<\/p>\n<p>Law enforcement and relevant data protection authorities have been notified about the incident.<\/p>\n<h2><strong>Another High-Profile Third-Party Attack<\/strong><\/h2>\n<p>Discord said it took immediate action to mitigate the attack upon detection, including revoking the customer support provider\u2019s access to its ticketing system.<\/p>\n<p>The platform added that it has reviewed its security controls for third-party support providers.<\/p>\n<p>Jake Moore, global cybersecurity advisor at ESET, commented: \u201cThis is a worrying breach, especially as it seems to have come through a trusted third-party rather than Discord itself. Third party weaknesses are often harder to monitor and control yet they still hold sensitive information and are becoming an increasingly common target for cybercriminals.\u201d<\/p>\n<p>The Discord incident follows a plethora of data breaches resulting from the compromise of third-party IT service providers in 2025. Groups such as Scattered Spider and ShinyHunters have been linked to a number of these attacks, which use social engineering techniques to obtain credentials of high-profile users.<\/p>\n<p><em>Image credit: rafastockbr\u00a0\/ Shutterstock.com<\/em><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Discord has revealed it has been targeted by a ransomware actor who has accessed customer data, including proof of age ID and billing information. The incident was caused by the compromise of a third-party customer service provider, which has not been named. \u201cAn unauthorized party targeted our third-party customer support services to access user data<\/p>\n","protected":false},"author":2,"featured_media":3210,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3209","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3209-8f94c864-3832-4d2a-b79f-5c056a2e27ff-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3209","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=3209"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3209\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/3210"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=3209"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=3209"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=3209"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}