Skip to content
Discord has confirmed a data breach through one of its third-party customer service vendors, exposing user names, emails, and limited billing info. The company says affected users will be contacted directly by the service.
Discord users are being urged to stay vigilant after the company confirmed a data breach linked to one of its third-party customer service providers. The breach, announced on October 3, reportedly exposed the personal data of some users, including real names, Discord usernames, email addresses, scanned photo IDs (for those appealing age determination decisions), and limited billing information.
According to Discord’s official statement, the attack targeted a customer service agency contracted by the company, giving unauthorized access to data collected by its Customer Support and Trust & Safety teams. The affected data may include messages between users and Discord support agents, IP addresses, and account-related purchase information.
While no full credit card numbers or passwords appear to have been compromised, Discord noted that limited billing details such as payment type, the last four digits of stored cards, and purchase history were among the leaked information. In addition, some internal materials, such as staff training documents and presentations, were accessed.
Discord says it has cut off the third-party vendor’s access to its systems and launched a full internal investigation. Impacted users will receive an email notification from [email protected], outlining the extent of their data exposure and any next steps they should take. The company has also warned users to be cautious of suspicious messages, links, or communications claiming to be from Discord in the coming weeks.
This isn’t the first time Discord has dealt with data-related issues in 2025, however. Earlier this year, users reported the spread of malicious links across servers that installed malware and attempted to harvest personal data. Meanwhile, the platform has continued rolling out new security and design updates, including the controversial desktop UI redesign and a recently introduced Ignore feature that gives users more control over interactions.
One notable feature introduced earlier this year was age verification, which requires users in the UK and Australia to upload government IDs. Discord confirmed that those who submitted identification as part of this process will receive additional breach notifications for transparency.
With its community already skeptical of the company’s privacy and moderation practices, this latest breach is likely to reignite concerns about how Discord manages user safety. As one of the most widely used communication platforms on the internet, Discord now faces renewed pressure to rebuild user trust and ensure that its growing infrastructure doesn’t come at the cost of data security.
Related Articles
Rahim Amir Noorali – Tech Writer – 348 articles published on Notebookcheck since 2025
I am a UAE-based tech writer who likes to build and benchmark PCs both professionally and as a hobby. I contribute to multiple tech publications, including TechRadar and NotebookCheck, as well as Game Rant, where I focus primarily on news, commerce, and buying guides. When I’m not scouring the internet for the latest in tech stories, you will find me playing a game of Civilization or DotA with friends and frenemies alike while dropping recommendations for Apple TV+’s Foundation to everyone I come across.
Rahim Amir Noorali, 2025-10- 6 (Update: 2025-10- 6)
