TL;DR:
A data breach at a third-party customer service provider has exposed the personal data of some Discord users, including names, email addresses, and a small number of scanned government-issued photo IDs.
This should shock the conscience of people who support digital IDs and online age verifications schemes like these. But will it?
Hello!
Today I received official email from Discord saying… that my information had been leaked.
Luckily I was using alias.
Thank you for sharing. I didn’t get an email, so I’m assuming I wasn’t affected. I use an alias too and only use Discord on web, so I should be ok.
Furthermore, the breach included … content of messages exchanged with customer service agents.
In filing DMCA take down requests (among other related legal requests/complains), you have to fill out a physical address. I assume that’s how they got access to government-issued photo IDs, because appealing and updating age verification is handled via support requests/tickets. So if you’ve filled out the DMCA- or trademark-related requests before, it’s possible that your physical address has been leaked, opposite to what Discord has stated.
I find it interest that this post isn’t getting more replies considering how large of a platform Discord is. But I suppose that is because most people here do not use it.
