Discord said an unnamed third-party support provider it uses was compromised, impacting some sensitive personal customer data.
A “small number” of images of government identification documents such as drivers’ licences and passports, from users who had appealed Discord’s age determination were accessed.
Discord has been contacted by iTNews for further details on how many government ID document scans were taken in the breach that users were notified of on September 20, US time.
Other data that may have been compromised include names, Discord user names, email addresses and other contact details, if they were were provided to the communication platform’s customer support.
Furthermore, some billing information such as the last four digits on credit cards, customer purchase histories, IP addresses, messages with customer service agents, were also accessed.
Corporate data such as training materials, and internal presentation were also accessed in limited numbers, Discord said.
The attacker sought to extort an unspecified ransom from Discord.
Discord did not disclose if it paid the ransom, nor did the company provide details on how the third-party support provider was compromised.
Users whose data was compromised will be contacted via emaill only by Discord.
Discord said its own systems were not compromised in the attack.
Meanwhile, the compromised third party has had its access to Discord’s ticketing system revoked.
Discord started up in 2015, as a voice and text communications service for gamers using community servers and topic-specific channels.
It has since rocketed in popularity and, with further features such as video, a subscription based file upload service named Nitro, reaching into many other areas such as open source development, hobbyists and corporate communication.
Discord claims to have over 200 million monthly users worldwide as of 2025.
