BleepingComputer reports that Discord has begun informing 180 users whose personally identifiable information had been exposed in a data breach at a third-party service provider in March.
Such a third-party breach involved the compromise of a customer support agent's account, which was leveraged by threat actors to infiltrate the support ticket queue to access user email addresses and support tickets, as well as communications with Discord support. Immediate investigation has been launched by Discord upon the discovery of the incident.
"On June 13, 2023, Discord completed the review of the support tickets involved and determined that one or more of those support tickets contained the personal information of one Maine resident including the individual's name and driver's license or state identification card number," said the Discord Privacy Team in the notification letters.
Such a disclosure comes a week after third-party custom service Discord.io had its operations shut down following a breach that exposed nearly 760,000 members' data.