1. Forum
  2. Fidonet
  3. CONSPRCY

  • Discord reveals more on d

    From Mike Powell@1:2320/105 to All on Thu Oct 9 08:56:33 2025
    [So what was Discord doing with goverment ID data?!?]

    Discord reveals more on data breach - says 70,000 government ID photos may
    have been leaked

    Date:
    Thu, 09 Oct 2025 11:25:00 +0000

    Description:
    The attackers don't agree with Discord's assessment - which could be worrying for users.

    FULL STORY

    Discord has revealed more details about the recent third-party data breach incident , including an estimate of the likely number of ID card photos
    stolen in the attack.

    The company had warned its users about a potential data breach, saying a third-party customer support service provider was breached. The unauthorized party then gained access to information from a limited number of users who
    had contacted Discord through our Customer Support and/or Trust & Safety
    teams, Discord said at the time.

    The identity of the attackers was not disclosed, but Discord did say that the crooks took personally identifiable data, contact information, some corporate data, and a small number of government-issued ID cards.

    How many ID cards?

    Now, BleepingComputer has claimed the company that was likely compromised was Zendesk.

    It also managed to get in touch with the attackers, who claimed to have
    stolen data of 5.5 million unique users, including 2.1 million photos of government IDs. The total size of the archive was 1.6TB, downloaded during
    the 58 hours of unabated access.

    The attackers told the publication they accessed the network through a compromised account belonging to a support agent that was employed through an outsourced business process outsourcing provider that Discord used.

    Discord does not agree on the severity of the breach, though.

    "First, as stated in our blog post, this was not a breach of Discord, but rather a third-party service we use to support our customer service efforts," the company told the publication in a statement.

    "Second, the numbers being shared are incorrect and part of an attempt to extort a payment from Discord. Of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals."

    "Third, we will not reward those responsible for their illegal actions." The attackers allegedly asked for $5 million - and later reduced the asking price to $3.5 million.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/discord-reveals-more-on-data-breach-say s-70-000-government-id-photos-may-have-been-leaked

    $$
    --- SBBSecho 3.28-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)