Chat platform Discord confirmed a data breach on October 3, 2025, after hackers compromised a third-party partner on September 20. The incident exposed user data, including names, emails, and some government IDs.
Details of the Discord Third-Party Breach
The security incident was not a direct attack on Discord’s servers. Instead, it was a Discord third-party breach involving the customer support provider, 5CA.
The threat group Scattered Lapsus$ Hunters SLH has claimed responsibility for the 5CA customer support hack. The group also attempted to extort a ransom payment from Discord following the attack.
User Data Exposed in the Incident
Exposed information includes Discord usernames, real names, email addresses, and limited billing details such as payment type and the last four digits of credit card numbers. Customer service messages and IP addresses were also compromised.
A specific concern is a Discord user ID leak involving government-issued identification photos provided for age-related appeals. Passwords, full credit card numbers, and user activity outside of customer support channels were not exposed.
Discord’s Response to the Data Breach
A representative at Discord addressed claims from the attackers, clarifying the scope of the incident. They confirmed it was “not a breach of Discord, but rather a third-party service we use to support our customer service efforts.“
The company estimates that of the accounts impacted globally, “approximately 70,000 users that may have had government-ID photos exposed.” The representative added, “We will not reward those responsible for their illegal actions. All affected users globally have been contacted.“
Discord has severed ties with the compromised vendor and launched an internal investigation with a digital forensics team. The company is working with law enforcement and has notified relevant data-protection authorities about the breach.
Actions for Affected Discord Users
All official communication regarding this breach will come from the email address [email protected]. Users should be wary of potential phishing attacks that may impersonate the company.
Discord recommends that all users enable two-factor authentication and monitor their login history for any unusual activity. Using a password manager and keeping software updated are also advised as general security best practices.
