• Discord identified a potential leak of 70,000 user ID photos due to a third-party breach.
• The company maintains this breach did not compromise its own systems directly.
• Hackers attempted to extort money from Discord following the unauthorized access.
• Discord is cooperating with law enforcement and data protection authorities.
• Affected users have been notified about the incident.

Discord has reported a significant security breach affecting approximately 70,000 users, specifically concerning government-issued ID photos collected for age verification. The compromise occurred through a third-party customer service provider, according to a spokesperson for the company. Discord clarified that this incident did not involve direct access to its own systems, as the attack targeted a vendor that helps manage user interactions, according to BBC, aa, and Indiatimes.

The breach, which was discovered in late September, involved the exposure of usernames, email addresses, limited credit card information, and IP addresses. Importantly, Discord has stated that full credit card numbers and passwords were not disclosed in this incident. Following the discovery, Discord has engaged with law enforcement and security experts, terminating its relationship with the third-party vendor involved, as confirmed by BBC and Indiatimes.

Discord has been in contact with the affected users, notifying them via email, and assuring that it will not reach out by phone regarding this incident. While some online claims have suggested that more data may be compromised than Discord acknowledges, the company insists that these allegations are exaggerated as part of an extortion scheme, according to aa and Indiatimes.