Discord has recently disclosed a data breach that occurred due to a ransomware attack on one of its third-party support providers. The social media company has confirmed that the breach only affected a limited number of users, and an investigation is currently underway with authorities being notified. Affected users will be directly informed via an official email.
The cyberattack took place on September 20, 2025, when hackers were able to access internal data from Discord through a third-party vendor. Discord has assured users that their passwords and authentication data remain secure, as the breach did not impact the main servers or infrastructure of the platform.
According to Discord, the attackers were able to access data related to users who had interacted with customer support or Trust & Safety services. The exposed information includes names, email addresses, usernames, last four digits of billing information, and IP addresses. Additionally, some users’ government-issued ID details and customer support chats were also compromised.
In addition to user data, the attackers also gained access to limited corporate materials such as internal documents and presentation files. Discord has clarified that payment details, CVV codes, and general chats were not affected by the breach.
Discord is currently collaborating with forensic experts to fully assess the impact of the breach and enhance security measures. Law enforcement has been informed and is working to identify the perpetrators behind the attack. Affected users will receive detailed information via email regarding the extent of the accessed data.
Overall, Discord is taking proactive steps to address the data breach and ensure the security of its platform and users.