Discord
Discord

Discord march data breach: impact on 180 users highlights

What To Know

  • Discord has started informing users who were affected by a data breach in March, which comes around three months after the platform publicly acknowledged the attack in May.
  • The details were shared in a data breach notification submitted to the Office of the Maine Attorney General.
  • On August 14, a significant data breach occurred due to a vulnerability in the website’s code.
  • This allowed a third-party attacker to pilfer information and offer it for sale on a compromised data forum.

Discord has started informing users who were affected by a data breach in March, which comes around three months after the platform publicly acknowledged the attack in May. Among the 150 million monthly users Discord claims to have, a mere 180 had their sensitive information exposed in this particular breach.

The details were shared in a data breach notification submitted to the Office of the Maine Attorney General. Interestingly, if you’re a Discord user, you’re more likely to have been impacted by the recent Discord.io breach, which affected a larger number of users (760,000) and ultimately led to the shutdown of the website.

Company allowed users to create personalized links for their channels. On August 14, a significant data breach occurred due to a vulnerability in the website’s code.

This allowed a third-party attacker to pilfer information and offer it for sale on a compromised data forum. The stolen data included hashed passwords, billing information, and IDs.

In response, Company made the decision to temporarily take down their website. They plan to completely overhaul their code and security practices to prevent such breaches in the future.

This incident is distinct from the breach that Company may have contacted you about this week. That incident affected Discord itself, not the separate Discord.io entity. In that earlier breach, an unauthorized user gained access to Discord data through a third-party service provider.

This attacker managed to steal information related to service tickets, which included personal details like driver’s license numbers, for 180 users.

Company is reaching out to impacted users via email to inform them about the situation. They are also offering credit monitoring and identity theft protection services to minimize any potential harm.

A spokesperson from Company clarified that is not affiliated with in any way. The two entities don’t share user information directly, nor does Company have control over data held by Discord.io.

The spokesperson emphasized their commitment to safeguarding user privacy and data. They encouraged users to enable Two-Factor Authentication (2FA) for added account security and consider using SMS Authentication as well.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply