© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

Discord.io suffers data breach, goes offline

Discord.io is stopping all operations for the foreseeable future following a massive data breach. The resulting leak affected over 760,000 users.

On August 14th, the popular Telegram channel Information Leaks brought attention to an ad on the dark web where a threat actor claimed to have a database of 760,000 Discord.io users for sale. The data included email addresses and hashed passwords.

Discord.io is a third-party interface, allowing users to create custom links for their Discord channels.

On August 15th, the platform confirmed the data breach saying it was massive, and said it was “stopping all operations for the foreseeable future,” shutting down all services and operations.

“We are still investigating the breach, but we believe that it was caused by a vulnerability in our website's code, which allowed an attacker to gain access to our database. The attacker then proceeded to download the entire database, and put it up for sale on a 3rd party site,” Discord.io said.

Here’s what was leaked:

  • Usernames
  • Discord IDs
  • Email addresses
  • Billing addresses
  • Salted and hashed passwords

Leaked passwords “should only concern a small number of people from before we exclusively offered Discord as a login option (starting in 2018).” Even though the passwords were protected, Discord.io urged users to update them immediately, especially in cases where they were not unique.

It confirmed that it didn’t store any payment information.

“We will continue to investigate the possible causes of the breach, and we will take steps to ensure that this does not happen again. This will include a complete rewrite of our website's code, as well as a complete overhaul of our security practices,” it noted.

Discord.io cancelled all active subscriptions and will fully refund users who had recently purchased premium membership.

More from Cybernews:

Netflix testing game streaming on TVs, PCs, and Macs

PwC breach spills into Banco Popular de Puerto Rico

Intel insiders go undercover revealing fresh details into NoName hacktivist operations

Chatbot preachers and robo sermons: will AI replace religion or become one itself?

New York Life data exposed in third-party breach

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked