Discord.io [1] [2] [3] [4] [5] [6], a third-party custom service separate from Discord, experienced a major data breach that resulted in the exposure of personal details belonging to its 760,000 members. This breach [1] [4] [5] [6], which occurred on August 14th [6], prompted the temporary shutdown of Discord.io’s services.
Description
The stolen database from the breach contained usernames, email addresses [4] [5] [6], Discord IDs [2] [4] [6], billing addresses [4] [6], and hashed passwords [2] [4] [6]. However, it is important to note that no payment information was stored on Discord.io’s site. In addition to this, less sensitive data such as user IDs [6], avatar details [6], and registration dates were also compromised [6]. Discord.io clarified that the breach did not compromise any payment information and took immediate action by revoking the leaked application programming keys to render them useless.
The hacker responsible for the breach claimed that their intention was not solely for financial gain [6], but also to expose illegal and harmful content on Discord.io [6]. They offered to refrain from selling or releasing the stolen data if Discord.io addressed the issue [6]. In response, Discord.io took the service offline [6], canceled existing premium subscriptions [3], and initiated an investigation into the vulnerability in their website’s code. They have plans to rewrite the code and implement improved security practices to prevent future breaches [5] [6].
Conclusion
As a result of this data breach, the personal information of Discord.io’s members has been compromised. However, it is reassuring to know that no payment information was affected. Discord.io has taken immediate steps to mitigate the situation by revoking the leaked programming keys and addressing the vulnerability in their code. Moving forward, it is crucial for users to update their passwords and take necessary precautions to safeguard their sensitive information. Discord.io’s commitment to improving security practices will help prevent future breaches and ensure the safety of its users’ data.
References
[1] https://www.infosecurity-magazine.com/news/discordio-halts-operations-data/
[2] https://www.techradar.com/pro/security/discordio-gets-taken-down-after-massive-data-breach
[3] https://mashable.com/article/discord-io-data-breach
[4] https://www.scmagazine.com/brief/data-breach-prompts-temporary-discord-io-shutdown
[5] https://www.darkreading.com/cloud/discord-io-shuts-down-temporarily-databreach-investigation-underway
[6] https://siliconangle.com/2023/08/15/discord-io-suffers-data-breach-760000-users-info-stolen/
