Discord reveals data breach after worker hack - is your account affected?
A third-party customer support employee has had their account breached
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Top streaming service Discord has suffered a minor cybersecurity incident in which potentially sensitive and personal user data was exposed.
In a letter sent to users seen byBleepingComputer, the company revealed unnamed threat actors managed to compromise an account belonging to a third-party support agent, gaining access to the agent’s support ticket queue, which included some personally identifiable information such as useremailaddresses.
Furthermore, any messages the users may have exchanged with the support agent, as well as any attachments they may have sent, could also have been accessed.
Emails exposed
In a notification issued after the incident, Discord said it moved swiftly to disable to account and minimize the damage:
“Due to the nature of the incident, it is possible that your email address, the contents of customer service messages and any attachments sent between you and Discord may have been exposed to a third party,” the company said.
“As soon as Discord was made aware of the issue, we deactivated the compromised account and completed malware checks on the affected machine.”
Kids are earning pocket money selling malware on Discord>New Discord malware targets NFT and crypto fans>Here’s our rundown of the best malware removal tools around
While there was no word on the name of the third-party partner whose employee was targeted, Discord said it helped that entity implement new features that should prevent these incidents from happening again in the future.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The company said that the chances of anyone abusing the information were minimal, but added that its users should still be on the lookout for any potential phishing attacks. If you think you have become a victim, then using thebest identity theft protectioncan help.
“While we believe the risk is limited, it is recommended that you be vigilant for any suspicious messages or activity, such as fraud or phishing attempts,” the company said.
Discord is a hugely popular instant messaging platform, particularly among blockchain businesses and cryptocurrency projects.
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Sonos Arc Ultra review: the best one-box Dolby Atmos soundbar for the price, with one grating flaw
