Discord, the popular communications server with approximately 150 million monthly users, has recently notified a subset of its user base about a data breach that occurred in March. This breach, which was publicly acknowledged by Discord in May 2023, impacted a total of 180 accounts, according to a data breach notification filed with the Office of the Maine Attorney General.
In contrast to Discord’s breach, the third-party service Discord.io experienced a much larger attack. The breach of Discord.io affected a staggering 760,000 users and led to the temporary shutdown of the website. Discord.io, a platform that allows Discord users to create customized links for their channels, suffered a major breach on August 14. The attacker exploited a vulnerability in the website’s code and subsequently auctioned off stolen data, including hashed passwords, billing information, and Discord IDs.
As a response to the breach, Discord.io announced the suspension of its services. The company is now committed to a comprehensive overhaul of its website’s code and security practices to strengthen its defense against future breaches.
While the Discord.io incident primarily impacted users’ personal information, the breach in March involved the compromise of a customer support agent’s account. This breach allowed malicious actors to access user email addresses, support tickets, and communications exchanged with Discord’s support team.
Discord’s disclosure to the state of Maine’s attorney general office included a thorough investigation into the compromised support tickets. The findings revealed that the personal information of at least one Maine resident, including their name and driver’s license or state identification card number, had been exposed. This information was subsequently used to inform and notify the affected individuals.
Discord is taking proactive measures to bolster its security infrastructure. Alongside enhancing the security of its platform to protect its user base, Discord is also providing credit monitoring and identity theft protection services to the impacted users to mitigate potential further damage.
In related news, PayPal recently notified 35,000 users of a data breach, indicating an increase in cybersecurity incidents affecting popular online platforms. Additionally, a new malware targeting Discord users to steal personal data has been discovered, highlighting the continued threats faced by users of communications platforms. PayPal has also faced legal action over a data breach that impacted 35,000 users. Furthermore, a recent whistleblower leak revealed a Tesla data breach that affected 75,000 individuals. In response to these risks, Adobe has reset user passwords as a precautionary measure against potential data breaches.
It is clear that data breaches and cyber-attacks continue to be a major concern for both users and companies alike. The incidents involving Discord and Discord.io serve as a reminder of the importance of robust security measures and proactive responses to protect user data. As technology continues to advance, it is crucial for companies to remain vigilant and prioritize the security of their platforms in order to safeguard user information.