Discord reports a significant data breach involving a third-party support platform, exposing millions of usersβ personal information, including government IDs and payment details. The company denies responsibility, blaming a compromised outsourced support account, while threat actors demand ransom and threaten public release of stolen data. #Zendesk #BPOSecurity
Keypoints
- Hackers gained access to Discordβs Zendesk support system through a compromised support agent account.
- The breach impacted approximately 5.5 million users, with 1.6 TB of data stolen over 58 hours.
- Stolen data includes user IDs, email addresses, phone numbers, partial payment info, and government ID images.
- Discord denies the breach was due to a Zendesk vulnerability, attributing it to third-party account compromise.
- The threat actors are demanding ransom payments, threatening to leak data publicly if their demands are not met.