Hackers stole partial fee info and personally figuring out information related to some Discord customers after compromising a third-party customer support supplier.
The assault occurred on September 20 and affected “a restricted variety of customers” who interacted with Discord’s buyer help and/or Belief and Security groups.
Discord was created as a communication platform for players, who signify greater than 90% of the userbase, however expanded to varied different communities, permitting textual content messages, voice chats, and video calls.
In accordance with the platform’s statistics, greater than 200 million persons are utilizing Discord each month.
Hackers demanded a ransom
Within the notification to affected customers, the messaging firm says that the assault occurred on September 20 and “an unauthorized celebration gained restricted entry to a third-party customer support system utilized by Discord.”
On Friday, Discord disclosed the incident publicly, saying that it took quick motion to isolate the help supplier from its ticketing system and began an investigation.
This included revoking the client help supplier’s entry to our ticketing system, launching an inner investigation, partaking a number one laptop forensics agency to help our investigation and remediation efforts, and fascinating legislation enforcement – Discord
The assault seems to be financially motivated, because the hackers demanded a ransom from Discord in trade for not leaking the stolen info.
Uncovered information contains personally figuring out info comparable to actual names and usernames, e-mail addresses, and different contact particulars offered to the help workforce.
The social communication service says IP addresses, messages and attachments despatched to customer support brokers have been additionally compromised.
The hackers additionally accessed images of government-issued identification paperwork (driver’s license, passport) for a small variety of customers.
Partial billing data, like fee sort, the final 4 bank card digits, and buy historical past related to the compromised account, have been uncovered as nicely.
supply: VX-Underground
VX-Underground safety group notes that the kind of information stolen from Discord customers represents “actually peoples [sic] total identification.”
Alon Gal, Chief Know-how Officer at menace intelligence firm Hudson Rock, believes that if the hackers launch the Discord information, it may present essential info to assist uncover or resolve crypto hacks and scams.
“I’ll simply say that if it leaks, this db goes to be enormous for fixing crypto associated hacks and scams as a result of scammers don’t typically keep in mind utilizing a burner e-mail and VPN and nearly all of them are on Discord,” says Alon Gal, Chief Know-how Officer at Hudson Rock
At present, it’s unclear what number of Discord customers are affected, and the identify of the third-party supplier or the entry vector has not been disclosed publicly.
BleepingComputer contacted Discord with a request for extra particulars concerning the assault, however a remark from the social communications platform was not instantly out there.
It’s value noting that a whole lot of corporations had their Salesforce cases compromised after the ShinyHunters extortion group accessed them utilizing stolen Salesloft Drift OAuth tokens.
Final month, the hackers claimed to have stolen greater than 1.5 billion Salesforce data from 760 corporations.
Extra lately, ShinyHunters launched a knowledge leak web site itemizing greater than three dozen victims.
Be a part of the Breach and Assault Simulation Summit and expertise the way forward for safety validation. Hear from prime consultants and see how AI-powered BAS is reworking breach and assault simulation.
Do not miss the occasion that may form the way forward for your safety technique
