Hackers stole user information from Seditiona popular voice, video and text communications platform, through a third-party customer service provider, and government ID photos were among the information stolen. Sedition Posted about the breach on October 3 and updated the post on Wednesday.
About 70,000 users may have had their government ID photos exposed, Discord said in the statement. These ID photos are shared with the third party vendor to assist in reviewing age appeals. You must be at least 13 years old to use Discord in the US and Canada, as other countries have done Different age limits. Certain age-restricted content is only available to those 18 years or older.
“No messages or activities beyond what users discussed with customer support or trust and safety agents were accessed,” the statement read. “We immediately revoked our customer support provider’s access to our ticket system and continue to investigate this matter.”
Don’t miss any of our unbiased technical content and lab reviews. Add CNET As Google’s preferred source.
While Discord specifically called out the 70,000 affected users, Cites Yahoo News A report from cybersecurity research group VX-Underground notes that “attackers claim to have leaked 1.5 terabytes of data, including approximately 2,185,151 images associated with age verification requests.”
A Discord representative did not immediately respond to a request for further comment.
Ransom wanted
It’s becoming more common for criminals to hack websites to demand payment to keep the information they’ve stolen private, and Discord said it’s happening here.
“An unauthorized party targeted third-party customer support services to access user data with the goal of extorting ransom money from Discord,” the statement read.
The statement said law enforcement authorities were involved in the case.
What information was taken?
Discord’s statement says the stolen information may include names, Discord usernames, email addresses, and other contact details that people may have provided to customer support. Messages shared with customer support were also stolen, including government ID photos.
Discord says that “limited billing information,” including the last four digits of credit card numbers, was stolen, but not full credit card numbers or CCV codes. The site also says that no password and authentication data was stolen.
It seems likely that this type of theft will only grow as more sites must comply with age verification laws Some US states and other countries crack down on verifying the age of users to use a site. Government-provided IDs may be enough for a site to give people the right to see certain content, but once these IDs are in the site’s databases, they can be stolen.
What do I do now?
The October 8 message says Discord is “in the process of contacting affected users,” who should look out for messages from [email protected], and that the site will not use the phone to reach users.
There seems to be not much Discord users can do at the moment except monitor suspicious messages or calls that could use stolen information to try to scam or phish users. Turn on two-factor authentication if it’s not already turned on.
User reaction
Some Reddit users say Discord never responded to age verification calls, despite notifying them afterward that their information had been hacked.
“Discord ignored my identity verification ticket for two weeks only to tell me the same ticket was involved in a data breach,” he wrote. One Reddit user. “I’m really glad I didn’t give them that information, and I’m locked out of half the servers I use, but it’s better than leaking my identity I guess.”
Another person said something similar happened to them too.
“I just received the same email.” one person wrote on Reddit. “I resumed my age in August. I received a few emails, but long story short, the bot on the other end never accepted my identity. About two months later, I was told that my data had been leaked online because Discord admin wasn’t checking their priorities.”
https://www.cnet.com/a/img/resize/72828465e2fdd0ccc10f819f7bace91ed9af63f7/hub/2023/05/12/d50e2f65-2cf8-48be-8f58-437b70146a34/discord-logo-16×9.jpg?auto=webp&fit=crop&height=675&width=1200
Source link