On September 20, attackers breached Zendesk, the customer support service used by Discord, rather than Discord’s own servers. This allowed unauthorized access to user data such as real names, Discord usernames, email addresses, contact details, and some limited billing information like payment types and partial credit card numbers. Additionally, certain messages exchanged with support agents and customer IP addresses were exposed.
A particularly sensitive aspect of the breach involved a small number of government ID images submitted by users during age verification appeals. Discord disclosed the breach publicly 13 days later and has since revoked the support provider’s access, launched a forensic investigation, and informed affected users about the incident. The breach highlights the risks posed by third-party vendors in data security and the financial motivation behind such attacks, with ransom demands reported.
The attackers are linked to a coalition group known as Scattered Lapsus$ Hunters, which combines tactics from known threat actors who target third-party partners through social engineering. This incident underscores the importance of vendor risk management and vigilance against social engineering in protecting user data. To help users avoid falling prey to scams, Discord reminds them that official communications will only come from a verified email address.
👉 Read the original: Malwarebytes