The popular messaging platform service Discord Inc. has suffered a data breach after a third-party agent was compromised.
In a message to affected users first shared May 11 on Reddit, Discord said it was made aware of a brief incident that resulted in authorized access to a third-party customer service agent’s support ticket queue. Email addresses, the content of customer service messages and any attachments sent between affected users and Discord were exposed to a third party.
Discord added that as soon as it was aware of the issue, it deactivated the compromised account and completed malware checks on the affected machine. Discord is also working with the customer service partner to prevent a recurrence of the compromise and warned affected users to be vigilant for any suspicious message or activity, such as fraud or phishing attempts.
What is lacking from Discord are any details as to the form of the attack, how long the data was exposed and how many users were affected. Discord has so far said nothing about the breach aside from the email sent to affected users.
It could be possible that the breach affected a handful of customers or hundreds of thousands, but the lack of transparency from Discord is somewhat disconcerting in an age where most companies understand that proper disclosure of data incidents is vital to maintain trust with users and the broader community. Was the compromise due to an unpatched server, was insider hacking involved, or was the third-party provider targeted another way? Those are all reasonable questions for a company that had raised nearly $1 billion in venture capital funding and was nearly acquired by Microsoft Corp. in 2021.
Despite the lack of details, others were more forgiving.
“In the case of Discord’s breach disclosed today, the company swiftly handled the compromised account, demonstrating its effective identity access control measures,” Almog Apirion, chief executive of zero-trust access company Cyolo Ltd., told SiliconANGLE. “However, cybercriminals are elusive, so monitoring and forensics remain crucial even when the attack seems to be very limited in scope and reach.”
Apirion added that to enhance network security and mitigate further risks, Discord – and companies facing such third-party challenges – should implement key post-attack identity management procedures. “This proactive approach includes assuming that other accounts are compromised and that attackers have potentially accessed other vital systems through the support ticketing system,” he said.
Your vote of support is important to us and it helps us keep the content FREE.
One-click below supports our mission to provide free, deep and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.