San Francisco: Popular teenage chat platform Discord has started notifying users about a data breach following the compromise of a third-party support agent’s account.
According to BleepingComputer, the agent’s support ticket queue was compromised in the security breach, exposing user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets.
The company said it immediately addressed the breached support account by disabling it once the incident was discovered.
“Due to the nature of the incident, it is possible that your email address, the contents of customer service messages and any attachments sent between you and Discord may have been exposed to a third party,” Discord said in letters sent to affected users.
“As soon as Discord was made aware of the issue, we deactivated the compromised account and completed malware checks on the affected machine,” it added.
Moreover, the company stated that it considers the risk to be minimal and advised users to remain alert for any signs of fraudulent or phishing messages or activity.
In April, cyber-security researchers discovered a new malware that is distributed over Discord which has more than 300 million active users.
The team from CyberArk Labs spotted the malware called Vare which uses Discord’s infrastructure as a backbone for its operations.
This malware is linked to a new group called ‘Kurdistan 4455’ based out of southern Turkey and is still early in its forming stage, according to security researchers.
–IANS
Comments are closed.