Discord, a popular communication platform, known for providing millions of game and social servers, has confirmed a security incident for a foreign customer service company that has revealed a limited number of users.
Discord released an official update on October 5, explaining that an attacker successfully endangered the systems of a customer service provider (apparently Zendesk) and found unnecessary access to the support representative tickets where customer -sensitive data is stored. The company emphasized that its core systems were not directly infiltrated. Researchers have found that the main goal of the attacker was to try to request a financial ransom from the discord.
What information is stolen?
The leaked data belongs to only users who have recently contacted customer support teams or discounts’ trust and safety teams. This very sensitive information includes:
- Names, Discord Names, Email Addresses and Other Contact Information
- Messages exchanged with customer service agents
- Limited Billing Details, in particular the payment method and the last four digits of the credit card number
Perhaps the most worrying thing is that the hacker has access to a small number of government identification card images, such as a driver’s or passport certificate sent by users for age approved applications. The disclosure of these sensitive documents significantly increases the risk of identity theft for people affected.
Discord has sent email to affected users from the official address ([email protected]). The volume of notifications has raised concerns among users of the platform because they have now asked whether the email they received about hacking their data is real. This increases the risk of opportunistic phishing efforts.
Discords acted quickly
After discovering the security violation, the Discord immediately canceled its support company access to its ticket system. The platform has begun internal research and uses a leading computer criminology company to help fix the problem and cooperates with law enforcement. Discord also confirmed that he had informed the authorities in the field of data protection.
Although Discord was transparent about what data stolen, important details about the domain of the attack, the name of the seller, the number of damaged users and the time of security violations. However, the platform assured users that full credit card numbers, passwords and public public messages had not been accessed. The company advised all the affected users to be cautious about any suspicious email or communication due to the sensitive nature of the data.
Who is behind the scenes hacking the discord?
Although it is still unclear at the time of writing, who is behind the scenes violating discs, but Scattered Lapsus $ Hunters, a coalition that includes Tactics and groups of Scattered Spider, Lapsu $ and Shinyhunters, is responsible for the attack. The group has shared images in the telegram that appears to show access to internal discounts such as privacy dashboards and office resources along with ridiculous messages against the company.
In their posts, hackers rejected discount security measures such as disabling the OKTA and Kolide system, claiming that these measures would not prevent further infiltration. They also revealed details such as the name of the “SLHM” internal network, saying they would publish more stolen material on their leak site. The hackers proudly ridiculed the Discords more about their financial achievements and stated that he had much more data than previously revealed.
The site is a public platform leak site created by Scattered Lapsus $ Hunters to display stolen data. The Salesforce defect case also claims that one billion documents have been stolen. The site has listed dozens of large organizations affected by reports and offers documents and files for sale. The site has also identified the security violation as a threat and a context for negotiations. By doing so, the hackers ‘leakage site acts not only as an information archive but as a tool for pressure and forces target companies to be at the center and increase the level of attackers’ demands.
Discords and cyber security
Although this is a violation of a third -party data, it again puts the disc in difficult conditions. The platform was previously targeted by threat agents who had forged themselves as platforms to distribute the Epsilon Red ransom, and then in August, a malware attack was carried out using a diskord content delivery network. The security violation is also part of a model that shows that the Discord is constantly trying to protect its platform from increasing cyber threats, whether it is abused by third -party service providers, and to help with key features for fraud and malware distribution.
Source: Hackread
Latest Passing over countries : Spain | Dominica | United Arab Emirates
RCO NEWS
