Discord disclosed that an unauthorized party compromised a third-party customer support vendor, exposing personal information for a limited number of users who interacted with customer support or Trust & Safety [theguardian.com#1][androidheadlines.com#1]. Exposed data includes names, usernames, email addresses, contact information, IP addresses, billing information (such as the last four card digits), some government-issued ID documents, and certain support chats; passwords and authentication data were not affected and core infrastructure remained safe [securityweek.com#1][theguardian.com#1][androidheadlines.com#1]. The incident is linked to Zendesk, with access occurring on September 20, 2025; Discord says it is investigating with forensics, has notified law enforcement, and will email aff
Highlights:
- Scope affected: Discord says a limited number of users who contacted support or Trust & Safety were impacted [theguardian.com#1][androidheadlines.com#1].
- Data types: Compromised data may include names, usernames, emails, contact info, IPs, billing data (e.g., last four card digits), some government IDs, and support chats [securityweek.com#1][androidheadlines.com#1][theguardian.com#1].
- Root cause: Discord attributes the incident to a third-party support vendor; Ubergizmo identifies Zendesk as the provider [theguardian.com#1][ubergizmo.com#1].
- What’s safe: Passwords, authentication data, general chats, and Discord’s core servers were not affected [androidheadlines.com#1].
- Response steps: Discord launched a forensic investigation, notified law enforcement, and will contact affected users by official email [androidheadlines.com#1].
Perspectives:
- Discord: Says a vendor breach exposed data from support interactions but did not affect passwords or core infrastructure; forensic review and law enforcement notifications are underway. (Android Headlines)
- Ubergizmo: Reports the incident is linked to Zendesk and that attackers accessed the customer support ticket system where confidential data was stored. (Ubergizmo)
Sources:
- Proof-of-age ID leaked in Discord data breach – theguardian.com
- Discord Says User Information Stolen in Third-Party Data Breach – securityweek.com
- Discord Data Breach Exposes Users’ Personal Information and Documents – ubergizmo.com
- Discord Confirms Data Breach After Vendor Hack—Emails and IDs Exposed – androidheadlines.com
- Thieves steal IDs and payment info after data leaks from Discord support vendor – theregister.com
