In the last few hours, information has appeared related to a supposed hack to the popular messaging platform Discord, an individual attack that would have affected more than 750,000 user accounts. What is true in all this? Should we worry if we habitually use this communication platform?
The first thing to clarify is that he hack it has not been to Discord as suchbut to a third-party application: the author of this attack, who works under the pseudonym ‘Akhirah’, has managed to access information from users of discord.ioan unofficial tool that is mainly used to find and share active servers.
He hacker has managed to access information from Discord.io and has put it up for sale in a forum of hackingas we can see in the tweet by S4vitarcontent creator of hacking and cybersecurity. It is talked about that more than 750,000 accounts may have been affected for this leak, which also has a fundamental political motive: the author of the attack has assured in an interview that he did it to protest against the “pedophile” content that, according to him, floods the platform.
Apparently the Discord platform has been hacked through a support agent, exposing the private data of more than 760,000 users.
The incident has been revealed when an individual under the pseudonym Akhirah, has put up for auction a package with information from Discord on pic.twitter.com/MVJ4iyp6wR S4vitar (@S4vitar) August 15, 2023
Should I worry if I have used Discord.io?
Although it was not an attack on Discord as such, the truth is that this third-party tool was quite popular and the number of people affected is enough to take the attack seriously. hack. Should we worry? From Discord they have issued a statement in which they explain that they cut the external service at the moment they learned of the attack, although they also warn that There is Discord data that could have been leaked in the process, such as the email address of our account or messages with the official technical service, including attachments sent to support.
discord.io too has issued a statement announcing the cessation of the service indefinitely, at least for the duration of the investigation of the attack. Of course, to reassure, they warn that could not filter payment method information because they don’t file it on their servers (they used external tools like PayPal and Stripe), so there’s nothing to worry about. Own hacker He also confirmed that he did not have such data. The only thing that has been removed are usernames, email addresses and old passwordswhich encourage us to change if we use it for other services.