/cdn.vox-cdn.com/uploads/chorus_asset/file/24016885/STK093_Google_04.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/24808816/Starfield__The_Settled_Systems___Supra_Et_Ultra_____Starfield__The_Settled_Systems___Supra_Et_Ultra_2023_7_25_94252.263_1440p_streamshot.png)
Top streaming service Discord has suffered a minor cyber security incident that potentially exposed sensitive and personal user data.
In a letter sent to users viewed by bleeping computerThe company disclosed that an unknown threat actor managed to compromise an account belonging to a third-party support agent, gaining access to the agent’s support ticket queue, which contained some personally identifiable information such as user email addresses.
In addition, any messages users may have exchanged with a support agent, as well as any attachments they may have sent, were also accessible.
Email has been published.
In a notification released after the incident, Discord said it moved quickly to deactivate the account and minimize the damage:
“Due to the nature of the incident, it is possible that your email address, the contents of customer service messages and any attachments sent between you and Discord may be exposed to a third party,” the company said.
“As soon as this issue was made known to Discord, we disabled the compromised account and completed a malware investigation on the affected machine.”
While there was no word on the name of the third-party partner whose employee was targeted, Discord said it helped that entity implement new features that should prevent these incidents from happening again in the future.
The company said the likelihood of someone misusing the information was minimal, but added that its users should still be on the lookout for any potential identity theft. (opens in new tab) or phishing attacks.
“While we believe the risk is limited, it is recommended that you remain alert for any suspicious messages or activity, such as scams or phishing attempts,” the company said.
Discord is an extremely popular instant messaging platform, especially among blockchain businesses and cryptocurrency projects.
Via: Bleeping Computer (opens in new tab)
