Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company.
According to the hugely popular messaging platform, which has more than 200 million monthly users, the hackers breached a third-party customer service provider rather than gaining access to Discord directly.
Nonetheless, the security incident has exposed data related to Discord's customer service system, including:
In addition, Discord warns that the hack has exposed a "small number" of users' government ID images (such as driving licenses and passports).
The hackers are believed to have struck on September 20, 2025, when the third-party customer service provider - which has not been named by Discord, but appears to be Zendesk - was breached.
The Scattered Lapsus$ Hunters (SLH) gang claimed responsibility on Telegram for its involvement in the attack. The hackers posted screenshots which allegedly proved their access to Discord's internal administration tools, and taunted the company about their security.
According to Discord's official statement, the compromised information is limited to users who contacted its Customer Support or Trust & Safety teams, and did not include the exposure of full credit card numbers or CCV codes, messages or activity on Discord beyond what users may have discussed with customer support, or users' passwords.
But there are obvious concerns that users will often share sensitive information and attachments with support teams that they would not want to fall into the hands of malicious hackers.
The total number of affected Discord users has not been made public. Impacted users are being contacted by the company via email.
Discord has warned users to be wary of scammers attempting to exploit the data breach, and has underlined that it will not contact affected users about the incident by phone and will only send official communications from [email protected].
Obviously it makes sense for any Discord user to be extremely cautious about any communication which arrives claiming to be related to the breach, as it may be an attempt by hackers to steal more details - such as passwords.
In the wake of the attack, Discord has revoked the customer support provider's access to its ticketing system, engaged with external experts and law enforcement, and launched an internal investigation.
Unfortunately for Discord, this is not the first time it has found its name hitting the headlines due to a breach at a third-party customer service provider.
In March 2023, Discord notified users that email addresses, messages, and any attachments sent with support tickets could have been exposed to hackers.
The lesson for companies reading about Discord's latest hack? Once again, third-party suppliers can be a weak link in your security chain. As organisations increasingly rely on third-party service providers, the attack surface expands beyond their direct control. It's not just about making sure that your own systems are secure, but also assessing the security of your vendors, and asking yourself if you are wise to trust their architecture.
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.