A third-party application named Discord.io has recently suffered a data breach that has exposed up to 760,000 members and has forced the service to shut down.
Discord.io Data Breach
As reported by Techradar, Discord.io is a third-party application which allows users to generate custom invite links for their Discord servers. Yesterday the team reported on their website that they had suffered a data breach on the night of the 14th of August which leaked content to unknown attackers. The attackers have downloaded the entire database which has been put up for sale on a 3rd party website. Following the attack, the group has shut down their operations and cancelled all active subscriptions to the website going forward will investigate the breach and take steps to ensure it won’t happen again.
The data that has been exposed ranges from non-sensitive information including Internal user IDs, your status, registration dates, and API keys. The leak could also contain sensitive information including usernames, email addresses, salted and hashed passwords, and billing information of users who made payments before the site began using Stripe.
If you have used Discord.io before 2018 using username/password registration it is urged that you change your password, but after that date, the website only used Discord user-id’s and not the auth tokens so your password wouldn’t have been in the breach.
