There is news that the official ID photos of around 70 thousand Discord users have potentially been leaked after a cyber-attack. This concerns me personally as I use the app with my online cycling team.
Darren James, a Senior Product Manager at Specops Software said this:
“Identity verification has become a key component in both Know Your Customer (KYC) and Know Your Employee (KYE) scenarios. These requirements stem from recent legislation mandating that service providers make reasonable efforts to validate that their users are who they claim to be.”
“However, as we’ve seen in this case, if you are subject to these regulations—or even in the process of choosing a solution—you need to ensure that personally identifiable information (PII) is handled, processed, and stored securely, or ideally not stored at all unless required.”
“The high levels of identity assurance demanded in this age of AI-enhanced deepfakes will continue to grow. Businesses and consumers alike must understand the implications of these identity challenges, and vendors will need to implement appropriate safeguards to protect their customers’ privacy as well as their own reputations.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy follows with this:
“This breach underscores the concerns many privacy advocates, myself included, have about forcing websites to require users to submit images of their driver’s licenses and other personal and financial information before being allowed to access adult and other types of content. When third parties are involved, like in this case, it increases the risk to users’ information, as it increases the attack surface for breaches such as this.”
“Cybercriminals often target databases that contain personal and financial information, making info like driver’s licenses, social security numbers, credit card and banking account numbers, and other info a valuable commodity among the bad actors of the world.”
Now as far as our team is concerned, nobody on the team has submitted their personal documents to use Discord. Or more accurately, nobody has admitted to do so. IF they have, it’s likely not going to end well.
Related
This entry was posted on October 9, 2025 at 12:18 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Discord Pwned And Personally Identifiable Info Is In The Wrong Hands
There is news that the official ID photos of around 70 thousand Discord users have potentially been leaked after a cyber-attack. This concerns me personally as I use the app with my online cycling team.
Darren James, a Senior Product Manager at Specops Software said this:
“Identity verification has become a key component in both Know Your Customer (KYC) and Know Your Employee (KYE) scenarios. These requirements stem from recent legislation mandating that service providers make reasonable efforts to validate that their users are who they claim to be.”
“However, as we’ve seen in this case, if you are subject to these regulations—or even in the process of choosing a solution—you need to ensure that personally identifiable information (PII) is handled, processed, and stored securely, or ideally not stored at all unless required.”
“The high levels of identity assurance demanded in this age of AI-enhanced deepfakes will continue to grow. Businesses and consumers alike must understand the implications of these identity challenges, and vendors will need to implement appropriate safeguards to protect their customers’ privacy as well as their own reputations.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy follows with this:
“This breach underscores the concerns many privacy advocates, myself included, have about forcing websites to require users to submit images of their driver’s licenses and other personal and financial information before being allowed to access adult and other types of content. When third parties are involved, like in this case, it increases the risk to users’ information, as it increases the attack surface for breaches such as this.”
“Cybercriminals often target databases that contain personal and financial information, making info like driver’s licenses, social security numbers, credit card and banking account numbers, and other info a valuable commodity among the bad actors of the world.”
Now as far as our team is concerned, nobody on the team has submitted their personal documents to use Discord. Or more accurately, nobody has admitted to do so. IF they have, it’s likely not going to end well.
Share this:
Like this:
Related
This entry was posted on October 9, 2025 at 12:18 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.