Hackers who claim responsibility for a major breach at Discord have escalated their threats by stating they possess 1.5 terabytes of age-verification photos, consisting of 2,185,151 images of government-issued IDs, such as passports and driver’s licenses, along with selfies submitted by users during automated age check appeals.
The hackers in question are leveraging the stolen user information to extort a ransom from Discord. The security breach has drawn widespread alarm over the risks of identity theft and phishing, especially considering that Discord has over 250 million monthly active users.
The situation was first reported by cybersecurity trackers like Hackmanac and Discord Previews online. The age-verification system only amplifies concerns about data retention practices and regulatory pressures for age verification in regions like the UK and Australia.
The security breach dates back to September 20, when an unauthorized individual compromised Discord’s third-party customer service provider, Zendesk, giving them access to ticketing systems without directly infiltrating Discord’s core infrastructure.
Discord detected the anomaly shortly after and publicly announced the incident on October 3, stating that only a limited number of users, who had contacted customer support or trust and safety teams, were at risk.
In its official update, the company detailed the scope of the breach, mentioning that the attacker explicitly aimed to extract data for extortion, a calculated move that has sent ripples through other sectors such as cryptocurrency, where Zendesk is known to serve exchanges like BtcTurk and HTX, both of which were previously victims of multimillion-dollar hacks.
According to Discord’s press release, the compromised information consists of names, usernames, email addresses, and other contact details shared with support; partial billing data such as payment types, the last four digits of credit cards, and purchase histories; IP addresses; conversations with customer support agents; and limited internal materials such as training documents and presentations.
Absent from the leaks are full credit card numbers, CVV codes, private messages, and passwords. While Discord acknowledged the hackers gained access to “a small number of government-ID images” from age-verification appeals, hackers claim they have over two million such files, potentially harvested before automated deletions could occur.
Discord has started sending emails to affected individuals and is urging users to remain alert to any suspicious communications.