Discord has revealed that a recent security incident at one of its third-party support providers exposed personal details for a small group of users. The issue, which took place on September 20, 2025, involved people who had reached out to Discord’s Customer Support or Trust & Safety teams. Discord says its main systems were not directly accessed, but sensitive data stored in the third-party system was compromised.
The exposed information includes names, usernames, email addresses, IP addresses, and messages exchanged with support agents. A few users also had some billing info slip out, such as payment method, last four digits of their credit cards, and purchase history. In a few cases, the attackers accessed government-issued IDs, like driver’s licenses and passports, submitted for age verification appeals. Discord emphasized that full credit card numbers, CVV codes, passwords, or general in-app messages were not affected.
The breach seems to be financially motivated, with the attackers reportedly trying to extort a ransom. Screenshots posted online show internal tools, including a Kolide access control list tied to Okta multi-factor authentication. The group claiming responsibility, Scattered Lapsus$ Hunters (SLH), suggested more data could be leaked, though the true identity of the perpetrators is not confirmed.
Discord acted quickly, revoking the third-party provider’s access. The platform launched an internal investigation, engaged a leading computer forensics firm, and notified law enforcement and data protection authorities. Users impacted are being contacted via official email (noreply@discord.com) and warned to be alert for phishing attempts.
This isn’t the first time Discord has run into trouble this year. During July and August, scammers impersonated Discord to deliver ransomware, while some malware circulated through the platform’s content delivery network. Users are advised to stay alert, scrutinize suspicious messages or emails, and verify anything that seems unusual. Discord says it’s boosting security for third-party providers, but for most people, careful attention remains the best protection.
Caught feelings for cybersecurity? It’s okay, it happens. Follow us on LinkedIn and Instagram to keep the spark alive.
