Discord has issued a warning to users after a third-party customer support provider, Zendesk, suffered a data breach on September 20th. As reported by the Malwarebytes Labs blog, attackers compromised the Zendesk systems which gave them access to Discord’s user data. They were then able to steal data including real names, Discord usernames, email addresses, IP addresses and details and messages with support agents.
Some billing information was also taken, including payment type, last four digits of credit card numbers and purchase histories. In the advisory notice, Discord explained that some users also had their government IDs taken as well — either their driver’s licenses or passports depending on what they used to appeal an age determination. Users who may have had this information exposed will be notified of this specifically in the email they receive.
A ransom demand was included so the breach seems to have been financially motivated. Discord disclosed the incident on October 3rd, and revoked the support providers access, as well as launching an internal investigation and notifying the affected users from a noreply@discord.com email address. There isn’t information about whether it paid the ransom, but the company does state in its press release that it has “reviewed our threat detection systems and security controls for third-party support providers” in order to ensure that third party systems meet the company’s security and privacy standards.
Rescana, a vendor risk management firm, claims that the attackers are Scattered Lapsu$ Hunters, which BleepingComputer also mentioned, but the group pointed to a different hacking group. Rescana has called the SLH group a coalition that combines tactics from other hacking groups that often steal data from third party providers of larger companies, and usually use social engineering tactics as methods (as opposed to malware infections).
How to stay safe after a data breach
As we've mentioned before, one of the main risks after a data breach is phishing attacks, which may look like they come from a legitimate retailer or website. So one of the things to stay on alert for is emails or texts that appear like they come from Discord. Likewise, you may see phishing emails which claim there is an order confirmation for something you didn’t buy.
We also recommend that you be on the look out for any emails that sound urgent and want you to “act now” to fix an issue, to provide additional personal or financial details, or need you to correct an account problem. It's also important to stay vigilant against social engineering attacks and to monitor your accounts for suspicious activity. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in emails or messages from unknown senders.
If you haven't already invested in one of the best identity theft protection services, it's best to do so before it's too late. Those who have identity theft protection in place will be able to receive alerts for any suspicious behavior and will have experts on-hand should any of their data be misused.
From there, you'll want to make sure you're protected from online scams and hacks by using one of the best antivirus software solutions on all your devices, and when you're online, use their built-in protections like a VPN or a hardened browser to help keep you and your devices safe from malware and other online threats.
More from Tom's Guide
- These are the best Amazon Prime Day antivirus deals on packages for five devices (or more)
- Massive data leak just exposed the personal info of 6 million shoppers — how to stay safe
- Unity just patched a serious security flaw - update your games and apps now
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
