Publishing views: 8

Discord acknowledges the violation of the data of the third -party seller who has revealed the names of users, email addresses, photo identifiers issued by the government, and billing information for those who contacted customer service. Discover full risks.

Millions of gaming servers and community servers are operated through Discord known in the communications application, which revealed a security breach that includes an external customer support institution that has exposed personal data to a small number of users.

On October 3, 2025, Discord issued an official statement stating that the attacker has successfully violated a third -party customer service provider (supposed to be Zendesk), and has received unauthorized access to the support customer waiting list, which contains sensitive user data. The company confirmed that there was no direct compromise to its initial systems. Investigators discovered that the attempt to extract a cash ransom from Discord was the main goal of the attacker.

What information was stolen?

Only users who recently contacted Discord customers or trust and safety teams are the owners of the disclosed data. This very special data consists of:

• Names, email addresses, user names and additional communication information.
• Real communications with customer support representatives.
• Limited bills information, like the last four credit card numbers and payment method.

The fact that the attacker also got a limited amount of government identity images, such as passports or driver’s licenses, which users have provided to resume age verification, is likely to be the most important aspect. The risk of stealing identity for those who are greatly affected by detecting these high -risk documents is increased.

The affected individuals received email messages from Discord from the official address, (Email protected). Society is concerned about the frequency of notifications, and Reddit users are now wondering whether the email they have received about their affected data is authentic, which confirms the risk of opportunistic hunting efforts.

Email notification from Discord (Source: Reddit)

The company takes quick measures

Discord immediately denied the support company to its ticket system after identifying infiltration. The work works with law enforcement, has begun to investigate, and the higher digital forensic company rented to help cleaning. In addition, Discord is attested to inform the appropriate data protection authorities.

Discord was transparent about the stolen data, but she deleted important information about the extent of the attack, the seller’s name, the number of affected users, and the continuation of the breach.

However, users were informed by Discord that passwords, full credit card details, and public private communications on the platform have not been accessed. Looking at the sensitive nature of the data at risk, it warns to work from all affected consumers that they are cautious about any email messages or fraudulent reactions.

Who is behind the violation of the dispute data?

However, even this lines are written, the identity of the perpetrator of the dispute violation is still unknown. However, the electronic attack is required by “Lapsus $ Hunters”, a consortium that combines strategies and brand brand for SHINYHUNRS, LAPSU $ and Spider.

In addition to the satirical notes directed at the company, the gang has published screenshots on the telegram that appears to show access to the internal capabilities of the dispute, such as administrative resources and data private information panels.

The infiltrators ignored the security measures of Discord, including the prohibition of logging in OKTA and Kolide, in their messages, on the pretext that they will not stop future invasions. In addition, they revealed information such as the name of the alleged interior network “SLHM” and promised to publish more stolen content on the “Data Section” (DTS). By boasting about their financial gains, which means that they had much more data than had previously been revealed, attackers mocked the dispute.

What is the database site (DLS)?

According to Hackread.com, Lapsus has developed $ Hunters, the platform facing the audience known as DLS (Data Sectioning Site) to display the alleged stolen data, including a billion records that are claimed to be at risk in Salesforce Hack.

The site displays the breach as a threat and a platform for negotiations, as it lists dozens of important institutions that claim to be affected and sell documents and files. By doing this, DLS acts as a pressure tool as well as a leakage archive, making the targeted organizations in the eyes of the public and raising awareness of the demands of the attackers.

The leakage site launched by Lapsus $ scattered hunters

Cyber ​​disagreement and security

Although it is a third -party data leakage, Discord again in dangerous water. The actors first targeted the platform in July 2025 by demonstrating as a platform for the publication of Epsilon Ransomwari. This was followed by a malware campaign in August 2025, which used the CDN content connection network.

This latest penetration is also proportional to a direction that shows the continuous Discord Battle to defend its platform from the emerging risk of cybersecurity, such as those that benefit from third -party suppliers or misuse of important features to spread harmful programs and make fraud operations.

About the author:

Yogash Naager It is a content specialist in cybersecurity and a B2B area. In addition to writing for news4haackers blogs, it also writes for brands including Craw Security, bytecode Security and Nasscom.

Read more:

Salsforce infrastructure suspected of stealing data approximately a billion novels

About the author