ADVERTISEMENT

Discord breach of 70,000 customer IDs exposes cracks in third-party age verification services, experts say

Discord says the government IDs of just 70,000 customers were compromised in last week’s third-party breach, which has been claimed by the Scattered LAPSUS$ Hunters cybercriminal group. The attack exposes the risks of using third-party vendors to comply with the new age verification laws passed in many nations.

Discord message scrape

Image by Cybernews.

Stefanie Schappert
Stefanie Schappert Senior Journalist
Oct 9, 2025 Updated: 18 October 2025 4 min read
eu-age-verification
Image by Cybernews.

Big claims by Scattered LAPSUS$ Hunters

Scatterd Spider, LAPSUS$, and Shiny Hunters.
Image by Scattered Spider via Telegram
ADVERTISEMENT

Risks of outsourcing age verification

age verification button on a keyboard
Image by Shutterstock
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.

What data was compromised?

  • Name, Discord username, email, and other contact details if provided to Discord customer support
  • Limited billing information, such as payment type, the last four digits of your credit card, and purchase history, if associated with your account
  • IP addresses
  • Messages with its customer service agents
  • Limited corporate data (training materials, internal presentations)
ADVERTISEMENT