385/68 Monday, October 6, 2025
Discord, the popular communication platform, revealed a data breach on September 20, 2025, after hackers gained access to the systems of an external customer support provider working with Discord and stole some users’ personal information.
The stolen data included names, usernames, emails, contact details, IP addresses, messages and attachments sent to the support team, as well as photos of identity verification documents such as ID cards, driver’s licenses, and passports belonging to certain users. In addition, some payment-related data was exposed, including card types, the last four digits of card numbers, and purchase history. Discord confirmed that it immediately disconnected the compromised support provider from its systems and launched a thorough investigation.
Reports indicate the attack was financially motivated, with hackers demanding ransom in exchange for not releasing the stolen information. A threat group calling itself Scattered Lapsus$ Hunters (SLH) claimed responsibility, stating that they breached Discord’s Zendesk instance and even published screenshots showing administrator-level access. Security experts have warned that the leaked information is extremely sensitive-enough to constitute an “entire identity” of affected users-which could be exploited in cyberattacks or financial fraud.
