Discord Discloses Customer Service Vendor Breach, Impacts 70,000 Users

Discord has confirmed a security incident involving one of its third-party customer service vendors, in which an unauthorised party gained access to data linked to users who contacted support or Trust & Safety.

The company says the issue did not originate from Discord’s own systems.

Discord stated that roughly 70,000 accounts worldwide may have had government-issued ID photos exposed, as well as personal details submitted during support interactions. No messages, passwords, or broader platform activity were compromised.

Discord took immediate action to revoke the vendor’s access to its ticketing system and initiated an internal investigation with the help of forensic experts. It is also working with law enforcement and will contact affected users via email.

“Protecting the privacy and security of our users is a top priority,” the company said, adding that it is auditing all third-party systems and tightening access controls going forward.

The breach underscores risks that arise when organisations rely on external vendors with access to sensitive support workflows.

Users are advised to watch for official email notifications—but beware of suspicious outreach claiming to be from Discord in the meantime.

"Looking ahead, we recommend impacted users stay alert when receiving messages or other communication that may seem suspicious. We have service agents on hand to answer questions and provide additional support," the company said.

Recently, a hacker group, including aliases ShinyHunters and Scattered Spider, claims to have stolen sensitive customer data from Salesforce, potentially compromising nearly 1 billion records across its cloud-based CRM platform.