### Massive Data Breaches Expose Weaknesses in Corporate Cybersecurity: Discord Latest Victim
#### The State of Cybersecurity in 2025
As we move through 2025, a troubling trend is emerging: cybercriminals are outpacing the world’s largest organizations when it comes to data security. Companies across diverse industries—from tech giants like Google, to leading insurers such as Allianz and Farmers, to luxury brands like Dior—are reporting major data breaches with alarming regularity. The latest company to join this growing list is Discord, the popular online chat platform used by millions worldwide.
#### The Discord Breach: What Happened?
On September 20, 2025, Discord discovered that hackers had accessed sensitive user data. Unlike some attacks that target a company’s core servers, this breach occurred through a third-party provider. Specifically, attackers infiltrated 5CA, a customer support service that Discord partners with to handle user inquiries and age verification requests.
Through this breach, hackers gained access to data belonging to users who had interacted with Discord’s Customer Support or Trust & Safety teams. The exposed data included Discord usernames, real names, email addresses, limited billing information (such as payment types and the last four digits of credit cards), IP addresses, and even the content of conversations with support staff. Most concerning was the revelation that images of government-issued IDs, submitted by users for age verification, were also compromised. Discord estimates that roughly 70,000 users worldwide may have had their ID images exposed.
#### The Hackers and Their Motives
According to cybersecurity reporting site Bleeping Computer, a threat group known as the Scattered Lapsus$ Hunters (SLH) has claimed responsibility for the Discord attack. This group is also behind recent extortion attempts involving over a billion Salesforce records, demanding ransom payments in exchange for not releasing or selling stolen data. In Discord’s case, the hackers allegedly used their access to demand a ransom from the company, threatening to leak the stolen information if their demands were not met.
#### Discord’s Response
Discord publicly disclosed the incident on October 3, 13 days after the initial breach. In its announcement, the company emphasized that the breach did not involve direct access to Discord’s own servers or core systems. Instead, it was limited to the third-party provider, 5CA.
In response, Discord took several immediate steps:
1. **Cutting Ties with 5CA:** Discord severed its relationship with the compromised support vendor to prevent further unauthorized access.
2. **Internal Investigation:** The company launched an internal review in collaboration with a digital forensics team to assess the breach’s scope and impact.
3. **User Notification:** Discord began reaching out to all affected users, making clear that any official communication regarding the breach would only come from the noreply@discord.com email address. The company also stressed that it would never contact users by phone about the incident.
4. **Data Protection Steps:** Discord clarified that some sensitive information remained secure—full credit card numbers, CCV codes, account passwords, and any user activity outside of support communications were not compromised.
5. **Regulatory and Law Enforcement Coordination:** The company notified relevant data-protection authorities, is working closely with law enforcement, and has started auditing all third-party vendors to ensure higher security and privacy standards going forward.
A Discord spokesperson addressed public concerns, stating, “We want to address inaccurate claims by those responsible that are circulating online. First, as stated in our blog post, this was not a breach of Discord, but rather a third-party service we use to support our customer service efforts. Second, the numbers being shared are incorrect and part of an attempt to extort a payment from Discord. Of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals. Third, we will not reward those responsible for their illegal actions. All affected users globally have been contacted, and we continue to work closely with law enforcement, data protection authorities, and external security experts. We’ve secured the affected systems and ended work with the compromised vendor. We take our responsibility to protect your personal data seriously and understand the concern this may cause.”
#### The Broader Problem: Third-Party Vulnerabilities
Discord’s breach is just the latest example of a growing problem in cybersecurity: the vulnerability of third-party service providers. Many companies rely on external vendors for critical
