Discord Breach Exposes 70K Govt ID Photos

Here’s a breakdown of‍ the Discord data breach, based on the provided text:

What Happened:

* ‍Discord suffered a data breach thru a third-party ‍customer service provider.
* Hackers are​ attempting to extort a ransom from Discord to prevent the stolen data from⁢ being released.
* ⁣Law enforcement​ is involved.

What Information Was Stolen:

* Potentially Affected Users: Discord initially stated around 70,000 users⁢ may have had their government⁢ ID photos exposed. ‍However, a cybersecurity group (VX-Underground) ⁢claims‌ 2.185 million images were stolen. Discord disputes this higher number, calling it an attempt ⁣to inflate the​ value for⁤ ransom.
* ​ Specific Data:

* Names
‍ ​ * ⁢ ⁤ Discord ​usernames
⁣ * Email addresses
* Other contact details provided to customer support
‍‍ * Government​ ID photos (submitted for age verification)
‌ ⁤ * messages shared with customer support
⁤ * ​Limited billing information (last four digits of⁤ credit card ⁣numbers – not full numbers or ‍CCV codes)
* Data Not ⁣ stolen:

* Passwords
⁣* Authentication data

Why This Happened:

* Discord requires age verification‌ for users (minimum 13 in⁣ the US/Canada, varying in‍ other countries) ⁤and for access to age-restricted content (18+).
* Users ​submitted government ⁣ID photos to the third-party customer service⁢ provider ‌as part of age verification⁢ appeals.

Current Status:

* Discord has revoked the third-party provider’s access⁢ to‌ its ticketing system.
* Discord⁣ is investigating the breach.
* Discord refuses to ‍pay the ransom.