Discord reveals impact of ticket agent breach


Discord, the instant messaging and call platform, contacted nearly 200 people whose data may have been impacted in May’s data breach, exposing user contact details.

Discord has reached out to individuals impacted by a data breach, which resulted from unauthorized access to the account of an agent of a third-party service provider. The platform employs the provider to deal with user requests and operational issues.

“Discord learned that an unauthorized person gained access to the account of an agent of that service provider on March 29th, 2023, and accessed some of the agent’s support tickets,” reads Discord’s breach notification letter.

ADVERTISEMENT

According to Discord, malicious actors obtained service tickets that the agent worked with. When the company first notified its users about the incident in May, it said attackers could have accessed the user’s “email address, the contents of customer service messages, and any attachments sent.”

However, details Discord submitted to the Maine Attorney General indicate that user driver’s license numbers or non-driver ID card numbers may also have been exposed. Users likely sent identification documents as attachments to the customer support agent.

In total, 180 individuals were impacted by the third-party service agent breach. Discord said that it would offer affected individuals complimentary credit monitoring, identity protection services, and insurance coverage in case of an attack.

Discord was launched in 2015 as a chat platform primarily for gamers but has evolved to serve various communities and groups. It has 150 million monthly active users.

Earlier this year, 21-year-old National Guardsman Jack Teixeira used the platform to leak classified US defense documents on the platform’s closed server. One of the servers’ members downloaded the files and reuploaded them for others to see.

In mid-August, Discord.io, a third-party interface that allowed users to create custom links for their Discord channels, stopped all operations over a data breach that affected over 760,000 users.

ADVERTISEMENT