385/68 Monday, October 6, 2025
Discord, the popular communication platform, revealed a data breach on September 20, 2025, after hackers gained access to the systems of an external customer support provider working with Discord and stole some users’ personal information.
The stolen data included names, usernames, emails, contact details, IP addresses, messages and attachments sent to the support team, as well as photos of identity verification documents such as ID cards, driver’s licenses, and passports belonging to certain users. In addition, some payment-related data was exposed, including card types, the last four digits of card numbers, and purchase history. Discord confirmed that it immediately disconnected the compromised support provider from its systems and launched a thorough investigation.
Zendesk issued a statement to BleepingComputer, confirming that the incident did not stem from any vulnerability within its platform and that Zendesk’s systems were not compromised. [Update – October 10, 14:36] The incident comes amid a rising trend of large-scale cyberattacks, including a recent case where the ShinyHunters group claimed to have stolen over 1.5 billion records from Salesforce instances belonging to hundreds of organizations worldwide. Researchers warn that such leaked data could fuel fraud-related activities, particularly in the cryptocurrency industry.
