SQ Magazine

Smarter Insights for a Fast-Moving Digital World

Subscribe To Our Newsletter

Discord Users Warned After Support System Hacked, ID Docs and Emails Exposed

Updated on:
Sofia Ramirez
Written By
Sofia Ramirez
Sofia Ramirez
Senior Tech Writer
Sofia Ramirez
Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps reader...
LATEST POSTS:

Discord Users Warned After Support System Hacked, ID Docs and Emails Exposed

Security Flaw in Unity Engine Sparks Urgent Updates Across Gaming Platforms

Fitbit Statistics 2025: Health Trends Revealed

As Featured In
BluehostActive CampaignDesignrushSeeking AlphaResearch Com

A recent data breach at Discord’s customer support provider has exposed sensitive information of users who contacted the platform’s support or trust and safety teams.

Quick Summary – TLDR:

  • A ransomware attack on a third-party support vendor led to a Discord data breach
  • Stolen information includes names, emails, usernames, billing info, IP addresses, and some government IDs
  • No passwords, full credit card numbers, or CVV codes were compromised
  • Impacted users are being contacted via official Discord email

What Happened?

Discord confirmed that a cyberattack targeting a third-party customer support provider led to a data breach affecting users who submitted support tickets. The breach occurred around September 20, 2025, and allowed hackers to access a wide range of user data. Although Discord’s internal systems were not breached, the platform has launched a full investigation and is reaching out to affected individuals.

Attack Originated From a Third-Party Vendor

The breach was the result of a ransomware attack on a support vendor working with Discord. While the identity of the attackers is still unknown, reports suggest they attempted to extort Discord by threatening to release the stolen data. The vendor involved is widely believed to be Zendesk, although this has not been officially confirmed.

Discord has clarified that its own infrastructure was not compromised, and that only a limited number of users who interacted with support or trust and safety teams were affected. The exposed data includes:

  • Full names.
  • Discord usernames.
  • Email addresses.
  • IP addresses.
  • Limited billing data (like last four digits of credit cards and payment methods).
  • Messages exchanged with support agents.
  • Scanned government-issued IDs submitted for age verification or dispute resolution.
  • Some internal corporate materials like training docs and presentations.

Quick Response from Discord

Upon discovering the breach, Discord says it immediately revoked the third-party provider’s system access and began an internal investigation with the help of a leading computer forensics firm. The company also notified law enforcement and began informing affected users through emails sent from noreply@discord.com.

Discord has reassured users that no passwords, full credit card numbers, CVV codes, or other authentication data were compromised in the breach.

The company emphasized that it will not contact users via phone, and any official communication will only come through the designated email address.

Ongoing Risks and Recommendations for Users

The breach raises significant concerns about the risks of outsourcing sensitive operations to third-party vendors. Industry analysts have highlighted similar vulnerabilities in recent incidents involving companies like Salesforce and Stellantis.

Affected users, particularly those who uploaded government ID documents or payment verification details, are now at risk of phishing attacks and identity theft. Discord has urged impacted individuals to:

  • Stay alert for suspicious emails or messages.
  • Enable two-factor authentication on their accounts.
  • Avoid clicking on links or downloading files from unknown sources.
  • Contact Discord support for further assistance if needed.

This breach follows a smaller incident in 2023 that affected nearly 200 users, suggesting that third-party vendor oversight remains a weak link in cybersecurity.

SQ Magazine Takeaway

I think this incident shows how fragile our data privacy is when companies lean too much on third-party vendors without airtight safeguards. Even if Discord’s main systems were safe, that’s little comfort to users whose IDs and private messages were caught up in the breach. If you’re someone who’s ever reached out to Discord support, now’s the time to check your email, double-check your account settings, and take every precaution. No one wants to see their passport or chat history end up in the wrong hands.

Add SQ Magazine as a Preferred Source on Google for updates!Follow on Google News
Sofia Ramirez

Sofia Ramirez

Senior Tech Writer

Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps readers stay informed and secure in today’s fast-changing tech landscape. Passionate about making cybersecurity accessible, Sofia blends research-driven analysis with straightforward explanations; so whether you’re a tech professional or a curious reader, her work ensures you’re always one step ahead in the digital world.
Disclaimer: Content on SQ Magazine is for informational and educational purposes only. Please verify details independently before making any important decisions based on our content.

Related Posts

Google Levels Up Gemini with Nano Banana Image Editing AI
Artificial Intelligence

Google Levels Up Gemini with Nano Banana Image Editing AI
OpenAI expands Stargate with Oracle and SoftBank, adding 7GW AI capacity
Technology

OpenAI expands Stargate with Oracle and SoftBank, adding 7GW AI capacity
UAE’s K2 Think Challenges OpenAI with World’s Fastest Open-Source AI Model
Artificial Intelligence

UAE’s K2 Think Challenges OpenAI with World’s Fastest Open-Source AI Model

Reader Interactions

Leave a Comment

Company
Discover
Categories
  • Artificial Intelligence
  • Cybersecurity
  • Gaming
  • Internet
  • PR
Artificial Intelligence
Cybersecurity
Gaming
Internet
PR