Discord Discloses Data Breach After Support Agent Got Hacked

Cyber Security Threat Summary:
Discord, a popular communication platform, recently experienced a data breach after one of its support agents was hacked. The incident was reported by Discord on their official blog. The breach occurred due to unauthorized access to the support agent's account, which allowed the attacker to gain access to certain user data. Discord confirmed that the breach did not affect the entire user database and that only a small portion of users were impacted. The compromised data included usernames, email addresses, bcrypt-hashed passwords, and other limited information such as user phone numbers and associated Discord user IDs. However, Discord assured users that no payment information or credit card data was compromised in the breach. They also mentioned that the incident did not expose users' messages or any content shared on the platform. Discord promptly took action by addressing the incident and securing the affected support agent’s account. They also reset passwords for all users who were potentially affected and implemented additional security measures to prevent similar incidents in the future.

Security Officer Comments:
Discord is a widely utilized instant messaging and social media platform, boasting a user base of 150 million active users. The company also claims to have 19 million active servers on weekly basis, as stated on its website. As a precaution, Discord advised its users to enable two-factor authentication (2FA) on their accounts to enhance security. Users are advised to remain vigilant and watch out for any signs of suspicious activity, such as fraud or phishing attempts. Although Discord has assessed the risk to be minimal, exercising caution is advisable.

Link(s):
https://www.bleepingcomputer.com/