Discord has informed users that a data breach occurred at a third-party vendor that has resulted in the exposure of about 70,000 users’ government identifications.
Discord said that its system was not breached, but instead was at a vendor it uses for customer service, adding that a “limited number of users who had communicated with our Customer Support or Trust & Safety teams" may be affected.
"An unauthorized party targeted our third-party customer support services to access user data, with a view to extort a financial ransom from Discord," the company said.
The vendor used the government IDs to confirm a user’s age during an appeal process.
The company said that "No messages or activities were accessed beyond what users may have discussed with Customer Support or Trust & Safety agents," but a user’s name, username, email and other contact details may have been accessed, as were billing information, payment type, the last four digits of a credit card and IP addresses.
Passwords and full credit card information were not taken, Discord assured users.
An investigation is continuing and Discord has removed the provider’s access to the company’s ticketing system.
Those users who have been affected will be alerted via email from noreply@discord.com. Discord will not contact users by phone.
© 2025 Cox Media Group
Sign Up
