Discord, a popular communication platform, known for providing millions of game and social servers, has confirmed a security incide for a foreign customer service company that has revealed a limited number of users.
Discord released an official update on October 5, explaining that an attacker successfully endangered the systems of a customer service provider (apparely Zendesk) and found unnecessary access to the support represeative tickets where customer -sensitive data is stored. The company emphasized that its core systems were not directly infiltrated. Researchers have found that the main goal of the attacker was to try to request a financial ransom from the discord.
What information is stolen?
The leaked data belongs to only users who have recely coacted customer support teams or discous’ trust and safety teams. This very sensitive information includes:
- Names, Discord Names, Email Addresses and Other Coact Information
- Messages exchanged with customer service ages
- Limited Billing Details, in particular the payme method and the last four digits of the credit card number
Perhaps the most worrying thing is that the hacker has access to a small number of governme ideification card images, such as a driver’s or passport certificate se by users for age approved applications. The disclosure of these sensitive documes significaly increases the risk of ideity theft for people affected.
Discord has se email to affected users from the official address ([email protected]). The volume of notifications has raised concerns among users of the platform because they have now asked whether the email they received about hacking their data is real. This increases the risk of opportunistic phishing efforts.
Discords acted quickly
After discovering the security violation, the Discord immediately canceled its support company access to its ticket system. The platform has begun iernal research and uses a leading computer criminology company to help fix the problem and cooperates with law enforceme. Discord also confirmed that he had informed the authorities in the field of data protection.
Although Discord was transpare about what data stolen, importa details about the domain of the attack, the name of the seller, the number of damaged users and the time of security violations. However, the platform assured users that full credit card numbers, passwords and public public messages had not been accessed. The company advised all the affected users to be cautious about any suspicious email or communication due to the sensitive nature of the data.
Who is behind the scenes hacking the discord?
Although it is still unclear at the time of writing, who is behind the scenes violating discs, but Scattered Lapsus $ Huers, a coalition that includes Tactics and groups of Scattered Spider, Lapsu $ and Shinyhuers, is responsible for the attack. The group has shared images in the telegram that appears to show access to iernal discous such as privacy dashboards and office resources along with ridiculous messages against the company.
In their posts, hackers rejected discou security measures such as disabling the OKTA and Kolide system, claiming that these measures would not preve further infiltration. They also revealed details such as the name of the “SLHM” iernal network, saying they would publish more stolen material on their leak site. The hackers proudly ridiculed the Discords more about their financial achievemes and stated that he had much more data than previously revealed.
The site is a public platform leak site created by Scattered Lapsus $ Huers to display stolen data. The Salesforce defect case also claims that one billion documes have been stolen. The site has listed dozens of large organizations affected by reports and offers documes and files for sale. The site has also ideified the security violation as a threat and a coext for negotiations. By doing so, the hackers ‘leakage site acts not only as an information archive but as a tool for pressure and forces target companies to be at the ceer and increase the level of attackers’ demands.
Discords and cyber security
Although this is a violation of a third -party data, it again puts the disc in difficult conditions. The platform was previously targeted by threat ages who had forged themselves as platforms to distribute the Epsilon Red ransom, and then in August, a malware attack was carried out using a diskord coe delivery network. The security violation is also part of a model that shows that the Discord is constaly trying to protect its platform from increasing cyber threats, whether it is abused by third -party service providers, and to help with key features for fraud and malware distribution.
Source: Hackread
