Discord, the favored communication platform identified for powering tens of millions of gaming and neighborhood servers, has confirmed a safety incident involving one among its outdoors customer support firms, which has resulted within the publicity of non-public data for a restricted variety of customers.
Discord issued an official replace on October 3, 2025, explaining that an attacker efficiently compromised the programs of a third-party customer support supplier (apparently Zendesk), gaining unauthorised entry to the help agent’s ticket queue, the place delicate buyer information was saved. The corporate emphasised that its personal principal programs weren’t instantly breached. Investigators discovered the attacker’s major aim was to try to demand a monetary ransom from Discord.
What Info Was Stolen?
The uncovered information belongs solely to customers who had just lately contacted Discord’s Buyer Assist or Belief & Security groups. This extremely delicate data contains:
- Names, Discord usernames, electronic mail addresses, and different contact particulars.
- The precise messages exchanged with customer support brokers.
- Restricted billing particulars, particularly the fee methodology and the final 4 digits of a bank card quantity.
Maybe essentially the most alarming element is that the attacker additionally gained entry to a small variety of government-issued ID photos, corresponding to driver’s licenses or passports, submitted by customers for age verification appeals. The publicity of those high-risk paperwork considerably will increase the hazard of id theft for the affected people.
Discord has emailed impacted customers from the official deal with ([email protected]). The amount of notifications has induced concern among the many neighborhood, as involved customers on Reddit at the moment are asking if the e-mail they acquired about their information being affected is actual, highlighting the danger of opportunistic phishing makes an attempt.
Firm Takes Fast Motion
Upon discovering the breach, Discord instantly revoked the help firm’s entry to its ticketing system. The corporate has launched an inside investigation, introduced in a number one pc forensics agency to help with remediation, and is cooperating with regulation enforcement. Discord additionally confirmed that it has notified related information safety authorities.
Whereas Discord was clear on what information was taken, the corporate withheld vital particulars relating to the assault’s scope, the identify of the seller, the variety of affected customers, and the length of the breach.
However, Discord has reassured customers that full bank card numbers, passwords, and common personal messages on the platform weren’t accessed. The corporate is advising all impacted customers to be cautious in opposition to any suspicious emails or communications, given the delicate nature of uncovered information.
Who’s Behind Discord Knowledge Breach?
Though on the time of writing, it stays unclear who’s behind the Discord information breach. Nonetheless, “Scattered Lapsus$ Hunters,” a coalition that mixes the ways and branding of Scattered Spider, Lapsu$, and ShinyHunters, is taking duty for the cyber assault.
The group has shared screenshots on Telegram that seem to indicate entry to Discord’s inside instruments, together with information privateness dashboards and administrative assets, alongside mocking messages aimed on the firm.
Of their posts, the hackers dismissed Discord’s safety measures, corresponding to disabling Okta and Kolide logins, claiming these steps wouldn’t forestall additional intrusions. In addition they revealed particulars just like the alleged inside community identify “SLHM” and threatened to publish extra stolen materials on their “Knowledge Leak Website” (DLS). The attackers additional taunted Discord by boasting about their monetary good points and suggesting they’d way more information than what had already been leaked.
What’s Knowledge Leak Website (DLS)?
DLS (Knowledge Leak Website), as reported by Hackread.com, is the public-facing platform created by Scattered LAPSUS$ Hunters to show alleged stolen information, one billion data claimed within the case of the Salesforce breach.
The location lists dozens of main organisations reportedly affected, and provides documentation and recordsdata on the market, framing the breach as each a menace and a negotiation platform. By doing so, DLS acts not simply as a leak archive however as a software of stress, forcing focused firms into the highlight and escalating visibility across the attackers’ calls for.
Discord and Cybersecurity
Though it is a third-party information breach, it does put Discord in sizzling water once more. The platform was beforehand focused in July 2025 by menace actors impersonating the platform to distribute the Epsilon Crimson ransomware, adopted by an August 2025 malware assault leveraging the Discord Content material Supply Community (CDN).
This newest breach can also be a part of a sample exhibiting Discord’s ongoing wrestle to guard its platform from rising cybersecurity threats, whether or not they exploit third-party distributors or misuse key options for scams and malware distribution.
RELATED NEWS
- This Website is Promoting Billions of Non-public Messages of Discord Customers
- Discord.io Admits Knowledge Breach as Information of 760K Customers Bought On-line
- New Winos4.0 Malware Focusing on Home windows by way of Pretend Gaming Apps
- Medusa Ransomware Claims Comcast Knowledge Breach, Calls for $1.2M
- Chess.com Hit by Knowledge Breach Linked to Third-Occasion File Switch Instrument
