Key takeaways
- Discord has confirmed that a September 20th cyber attack had compromised one of the company’s third-party customer service providers.
- Basic data like usernames, emails, and phone numbers were compromised, as well as some payment data like types and purchase history.
- No messages between users, full credit card numbers, or passwords were accessed by the hackers.
Discord users received some unfortunate news this week, with the messaging platform informing them that a hack last month did, in fact, compromise some important data that could have serious consequences.
Hacks have become all too common for businesses in 2025. Even the most secure company is at risk, with the external services they use for business operations just as vulnerable to being breached.
That’s the case with Discord, at least. One of its third-party customer service platforms has been hacked, leading to more user data being leaked than people are probably comfortable with.
Discord Confirms Security Incident
Announced in a company blog post, Discord has confirmed that its user data was compromised due to a cyber attack on one of its third-party services users for customer support.
“At Discord, protecting the privacy and security of our users is a top priority. That’s why it’s important to us that we’re transparent with them about events that impact their personal information.” – Discord statement
The breach occurred on September 20th. Hackers did not gain access to Discord directly, but the data available through the customer service platform in question is far from surface-level.
What Discord User Data Was Compromised?
Whenever a data breach is confirmed, the question on everyone’s mind is what data was actually stolen. While any data leaked isn’t great, there are certainly some types of data that are more sensitive than others.
For this Discord breach, the compromised user data is a bit worse than usual, but not catastrophic. As is often the case, basic information was leaked, like usernames, emails, phone numbers, and other contact information.
This just in! View
the top business tech deals for 2025 👨💻
On top of that, though, some basic payment information was stolen as well. Payment types, purchase history, and the last four digits of credit card numbers were all compromised, which is worse than your standard breach.
Beyond that, though, the damage was minimal. No full credit card numbers were stolen, nor were any passwords or messages between users. Even better, because it was through the third-party customer service platform, only users who reached out for support on Discord were impacted.
How to Protect Your Business from Being Breached
With security breaches becoming more common than ever at businesses around the world and AI making it harder to spot scams, it’s understandable that you would be interested in protecting your business from being breached.
The best place to start is training your staff. While technology has gotten better, the reality is that humans are generally the weak link in cybersecurity defense, with social engineering and phishing scams designed to trick employees into handing over the keys to user data.
Given that the Discord breach was perpetrated through a third-party, though, there is sometimes only so much you can do. After all, it would be kind of weird to insist that companies you work with train their staff more effectively on cybersecurity measures. Still, in 2025, it might be worth a shot to protect your users’ privacy.
