Discord has confirmed a significant data breach affecting users who interacted with its customer support teams, after hackers compromised a third-party service provider on September 20. The attack exposed a range of personally identifiable information (PII), including names, email addresses, messages, and, for a small number of users, photos of government-issued IDs such as passports and driver’s licenses. Partial billing details and payment histories were also affected.
According to the post-mortem, the threat actors—believed to be the Scattered Lapsus$ Hunters (SLH) group—claimed responsibility and demanded a ransom from Discord in exchange for not leaking the stolen data. While Zendesk is suspected to be the compromised vendor, this detail has not yet been officially confirmed. Investigators noted that the stolen data contains “people’s entire identity,” a statement underscoring the potential for identity theft, account hijacking, or crypto-related fraud if the information circulates on dark web marketplaces.
Discord responded by isolating and revoking access for the affected vendor, initiating a comprehensive forensic investigation, and notifying law enforcement and all impacted users. The company also enlisted a third-party cybersecurity firm to assess the extent of the breach and prevent future incidents.
While the total number of affected accounts remains undisclosed, the breach underscores the risks of third-party dependencies and highlights how vendor security continues to be a major weak point in digital ecosystems. As threat groups increasingly exploit supply-chain and service-provider vulnerabilities, platforms like Discord face mounting pressure to reassess vendor access, authentication mechanisms, and data retention practices.
This breach serves as a cautionary case for all SaaS operators: security responsibility doesn’t end at your own perimeter—it extends to every partner in your network.