Discord has notified customers of an information breach that occurred when a menace actor gained unauthorized entry to the help ticket queue of a third-party customer support agent.
“As a result of nature of the incident it’s potential that your electronic mail handle, the contents of customer support messages and any attachments despatched between you and Discord might have been uncovered to a 3rd get together,” learn a message seen by Infosecurity and despatched to impacted customers.
Learn extra on provide chain breaches: Simply 3% of UK Corporations Escaped a Provide Chain Breach in 2021.
The favored messaging platform stated that as quickly because it found the problem, it deactivated the compromised account and accomplished malware checks on the person’s machine.
“We’ve additionally labored with our customer support companion to enhance their practices and assist forestall these kind of incident from occurring sooner or later,” Discord continued.
“Whereas we imagine the chance is proscribed, it is suggested that you simply be vigilant for any suspicious messages or exercise, similar to fraud or phishing makes an attempt.”
This isn’t the primary time Discord has been focused by malicious actors. In 2021, Infosecurity reported new multi-function malware designed to abuse core features on the platform and switch focused machines into malicious bots.
The identical report revealed makes an attempt to make use of Discord as a malicious file internet hosting service.
It’s anticipated that Discord’s person base will attain almost 200 million month-to-month lively customers by the tip of 2023, making it an more and more engaging goal for attackers.
The platform is especially widespread with the gaming neighborhood and is assumed to have been the primary place the place suspected Pentagon leaker Jack Teixeira started sharing labeled army paperwork.
The variety of customers impacted by the latest provide chain breach is unclear.
Editorial picture credit score: Ink Drop / Shutterstock.com
