International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 8 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Discord Suffers Data Breach Through Compromised Third Party

by The Gurus
May 16, 2023
in Editor's News, Featured, News, Security News
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks
Share on FacebookShare on Twitter

Popular social media platform Discord has notified users it has suffered a data breach after a support agent’s account at a third party became compromised.

A malicious individual then gained unauthorised access to the agent’s support queue, exposing user email addresses, Discord support messages and attachments sent via the ticket system.

Discord – which has a user base of over 150 million monthly active users – has deactivated the compromised account and undertaken security checks on the agent’s machine, including malware scans.

The social media platform has collaborated with the third-party partner and has ensured security measures have been put in place, so such an incident is avoided going forward.

Discord has contacted users warning them to remain vigilant of any unusual activity regarding accounts including phishing or fraud attempts.

Commenting on the news and offering insight are the following cybersecurity experts:

Jamie Boote, associate principal consultant at the Synopsys Software Integrity Group, said “Companies need to take a top-down approach to protecting their data. It starts with policy and standards that classify all types of data the company would expect to create, collect, store, or generate. Once these data classification standards are in place, companies then need to catalogue where all sensitive or privacy data is collected, handled, or stored into an inventory. You can’t protect something if you don’t know where or what it is.

Alex Archondakis, Head of Professional Services at Pentest People, comments; “Organisations often focus security resources on their own internal and external assets, however, this attack proves that your security is only as good as the weakest link in your supply chain. Every level of the supply chain should be analysed to understand what type of data or access can be acquired from exploiting it. The company chosen for each section should be researched to ensure that they perform regular penetration tests against their systems and hold relevant cyber security certificates such as Cyber Essentials Plus. In the case of third parties storing your sensitive data, one should ensure that anyone with access to it has been through relevant vetting procedures.”

Chris Hauk, Consumer Privacy Advocate at Pixel Privacy said, “The growing popularity of Discord, especially among gamers, makes it an increasingly attractive target for the bad actors of the world. Discord users must remain alert for any phishing emails using the email addresses gleaned in the data breach.”

Paul Bischoff, Consumer Privacy Advocate at Comparitech added, “Scammers might personalise their messages using data from the breach to make them more convincing. Never click on links or attachments in unsolicited messages!”

 

 

Tags: BreachCyberdiscordsecurity
ShareTweet
Previous Post

Next Post

The Future is (Cyber) Mindful

Recent News

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

July 7, 2026
George Murnane’s One-Question Test for Real AI

George Murnane’s One-Question Test for Real AI

July 7, 2026
Registration Now Open for International Cyber Expo 2026

Registration Now Open for International Cyber Expo 2026

July 7, 2026
Forescout

Forescout recognised by NATO for cybersecurity capabilities across IT and OT environments

July 7, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol