TL;DR
Discord has reported a breach involving one of its third-party support vendors (Zendesk). Some user data — including names, email addresses, IPs, and uploaded ID images — was exposed after an attacker gained access to a vendor support account. Discord’s own systems were not breached.
If you use Discord (or someone you know does):
- Watch for phishing emails or messages pretending to be from Discord, support or verification teams.
- Real Discord notifications about this incident come only from noreply@discord.com.
- Do not re-upload or re-verify your ID unless directed throughDiscord’s official site.
- If you used the same password elsewhere, change it and enable multi-factor authentication (MFA) on all accounts.
- Be cautious of messages linking to“Discord security checks” — attackers often reuse leaked data to make scams look legitimate.
Why this matters
Attackers may use exposed details to craft realistic phishing messages or impersonate Discord support staff. These scams often spread through email or Discord DMs and aim to steal login credentials.
Stay safe
Keep MFA enabled, verify URLs before signing in, and treat any “urgent” requests for identity verification with caution.
More details:
