TZUTC: -0500   
   MSGID: 1575.consprcy@1:2320/105 2d4cfb38   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
    [So what was Discord doing with goverment ID data?!?]   
      
   Discord reveals more on data breach - says 70,000 government ID photos may   
   have been leaked   
      
   Date:   
   Thu, 09 Oct 2025 11:25:00 +0000   
      
   Description:   
   The attackers don't agree with Discord's assessment - which could be worrying   
   for users.   
      
   FULL STORY   
      
   Discord has revealed more details about the recent third-party data breach   
   incident , including an estimate of the likely number of ID card photos    
   stolen in the attack.    
      
   The company had warned its users about a potential data breach, saying a   
   third-party customer support service provider was breached. The unauthorized   
   party then gained access to information from a limited number of users who    
   had contacted Discord through our Customer Support and/or Trust & Safety   
   teams, Discord said at the time.    
      
   The identity of the attackers was not disclosed, but Discord did say that the   
   crooks took personally identifiable data, contact information, some corporate   
   data, and a small number of government-issued ID cards.   
      
   How many ID cards?    
      
   Now, BleepingComputer has claimed the company that was likely compromised was   
   Zendesk.    
      
   It also managed to get in touch with the attackers, who claimed to have    
   stolen data of 5.5 million unique users, including 2.1 million photos of   
   government IDs. The total size of the archive was 1.6TB, downloaded during    
   the 58 hours of unabated access.    
      
   The attackers told the publication they accessed the network through a   
   compromised account belonging to a support agent that was employed through an   
   outsourced business process outsourcing provider that Discord used.    
      
   Discord does not agree on the severity of the breach, though.    
      
   "First, as stated in our blog post, this was not a breach of Discord, but   
   rather a third-party service we use to support our customer service efforts,"   
   the company told the publication in a statement.    
      
   "Second, the numbers being shared are incorrect and part of an attempt to   
   extort a payment from Discord. Of the accounts impacted globally, we have   
   identified approximately 70,000 users that may have had government-ID photos   
   exposed, which our vendor used to review age-related appeals."    
      
   "Third, we will not reward those responsible for their illegal actions." The   
   attackers allegedly asked for $5 million - and later reduced the asking price   
   to $3.5 million.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/discord-reveals-more-on-data-breach-say   
   s-70-000-government-id-photos-may-have-been-leaked   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426