Data leak at Discord: Support service provider successfully attacked

A support service provider for the messaging and social media platform Discord has fallen victim to a cyber attack. Criminals are said to have accessed customer data and used it as a means of blackmail.

Background information

In a statement, Discord's operators refer to the attacks. They assure that only customers who were in contact with support were affected. As a result, the attackers only had access to user data relating to this context. They assure us that Discord was not directly impacted. As a result, the attackers were unable to view any chat messages.

The operators make it clear that they now have the IT security incident under control and are contacting affected users. It is currently not known how many victims are specifically affected. Those responsible state that the attackers were able to copy ID numbers, IP addresses, messages to support and payment information, among other things. However, this is not believed to include complete credit card numbers and passwords.

Possible consequences of the attack

Security researchers suggest that the captured data could have far-reaching consequences. After all, the attackers can use it to create comparatively convincing phishing emails for cryptocurrency fraud, for example. As a result, Discord users should be even more critical of emails from now on and not click on links in emails or even open file attachments. The attackers claim to have attacked the support service provider Zendesk. However, this has not yet been officially confirmed.

The cyber criminals from Scattered Lapsus$ Hunters are believed to be behind the attacks. According to their statements, they actually want to withdraw from the cybercrime business. In the past, they have successfully attacked Jaguar and Marks & Spencer, among others, causing millions in damage.

(des)