Over 760K Users’ Sensitive Data Stolen


The data of 760,000 Discord.io members has been advertised for sale on a darknet forum by a hacker using the pseudonym “Akhirah”.

On Monday, August 14, 2023, a data breach occurred that seriously endangered the privacy of almost 760K customers.

Discord.io is a platform that lets users create unique, personalized Discord invites. The database being offered for sale includes email addresses, hashed passwords, and other user-specific information.

Specifics of the Data Breach

The threat actor published four user records from the database as evidence of the hack. StackDiary reported that the database is currently being sold on the new Breach Forums, which just appeared under the control of the notorious ShinyHunters hackers.

Forum post selling Discord.io database

The database, according to the threat actor, comprises information for 760,000 Discord.io members and includes the following fields:

"userid","icon","icon_stored","userdiscrim","auth","auth_id","admin","moderator","email","name","username","password","tokens","tokens_free","faucet_timer","faucet_streak","address","date","api","favorites","ads","active","banned","public","domain","media","splash_opt","splash","auth_key","last_payment","expiration"

The most sensitive information compromised includes a member’s username, email address, billing address (for a limited number of users), salted and hashed password (for a limited number of people), and Discord ID.

“This information is not private and can be obtained by anyone sharing a server with you. Its inclusion in the breach does, however, mean that other people might be able to link your Discord account to a given email address,” Discord.io explains.

In a note on its website and Discord server, Discord.io confirmed that the breach is genuine and has started temporarily shutting down its services in response.

“Discord.io has suffered a data breach. We are stopping all operations for the foreseeable future,” reads a message on the service’s Discord server.

“For more information, please refer to our #breach-notification channel. We’ll be updating our website soon with a copy of this message.”

They quickly established the accuracy of the stolen information and started terminating all paid memberships as well as shutting down the website’s services.





According to a spokesperson from Discord, “Discord is not affiliated with Discord.io. We do not share any user information with Discord.io directly and we do not have access to or control of information in Discord.io’s custody”.

“We are committed to protecting the privacy and data of our users and encourage our users to enable Two-Factor Authentication (2FA) to help keep their accounts protected, and consider SMS Authentication”.

“Additionally, we have revoked the OAuth tokens for any Discord user that has used Discord.io, so that app can no longer perform actions on behalf of those users until they re-authenticate”.

As a result, if you are a Discord.io user, you should be on the lookout for odd emails that contain links to pages asking you to enter your password or other details.

Users are advised to change their passwords immediately and use two-factor authentication on their accounts to increase security.
