Discord, a leading communication platform popular among gaming and community groups, has reported a security breach involving a third-party customer service provider. This incident has led to the unauthorized exposure of personal information for a restricted number of users.
In an official statement released on October 3, 2025, Discord detailed that an attacker successfully compromised systems at a third-party supplier, reportedly Zendesk, granting access to sensitive information stored in the support ticket queue. Discord clarified that its primary systems remained secure and that the attacker’s apparent goal was to extort a ransom from the company.
Details of Exposed Information
The compromised data pertains solely to users who had recently interacted with Discord’s Customer Support or Trust & Safety teams. This sensitive information includes names, Discord usernames, email addresses, and communication exchanges with support agents. Additionally, limited billing information was exposed, such as payment methods and the last four digits of credit card numbers.
Of particular concern is the breach of images of government-issued identification—like driver’s licenses or passports—submitted for age verification, which heightens the risk of identity theft for the affected individuals.
Discord has reached out to users impacted by the breach via email from its official address. The volume of notifications has generated anxiety within the community, leading many users to question the authenticity of the emails, thus raising the potential threat of phishing attempts targeting concerned users.
Company Response to the Breach
In response to the breach, Discord promptly revoked access for the customer service company to its ticketing system. The platform has initiated an internal investigation and engaged a computer forensics firm for remediation while collaborating with law enforcement agencies. Notably, Discord has also informed relevant data protection authorities to comply with regulatory requirements.
While the company has disclosed the nature of the exposed data, it has not provided specific details regarding the scope of the breach, the identity of the vendor involved, the number of users affected, or the duration of the incident. Nevertheless, Discord has assured users that full credit card numbers, passwords, and private messages were not compromised. It has advised those impacted to remain vigilant regarding suspicious communications, given the sensitivity of the data exposed.
Perpetrators Behind the Breach
At this point, the identity of those responsible for the Discord data breach remains uncertain. However, a group known as “Scattered Lapsus$ Hunters,” which combines tactics from various cybercriminal organizations, has claimed responsibility for the attack. The group has published screenshots on Telegram purportedly demonstrating access to internal Discord tools and administrative resources, accompanied by derisive messages aimed at the platform.
The attackers have openly criticized Discord’s security measures and revealed alleged internal network names, indicating their intention to publish more stolen data on their Data Leak Site (DLS). They have boasted about the financial gains from the breach and hinted that there may be more data at risk than what is currently known.
Understanding the Data Leak Site
The Data Leak Site serves as a platform for Scattered Lapsus$ Hunters to showcase purportedly stolen data, framing it as both a threat and a bargaining chip for negotiations with affected organizations. Such platforms often escalate the visibility of breaches, compelling targeted companies to respond or negotiate with the attackers.
Overview of Discord’s Cybersecurity Challenges
This breach illustrates another chapter in Discord’s ongoing challenges with cybersecurity. Previously, the platform had faced multiple attacks, including a ransomware incident in July 2025 and a malware attack in August 2025, both highlighting Discord’s vulnerabilities to growing cyber threats. The reliance on third-party services introduces additional risks, complicating the platform’s efforts to maintain robust security measures against varied tactics employed by adversaries.
These incidents emphasize the importance of vigilance in cybersecurity, particularly as platforms like Discord navigate the complex landscape of community engagement and data security.
