Marek 
Deep dive into Discord breach. Supposed hacker interview.
Its a shitshow.
YouTube
Seth of the Fediverse@acedtect on @dtnsshow talking about the #DiscordBreach makes a good point.
--> It's bad. But could have been worse.
--> But still bad.
Tom's Hardware Italia🔓La violazione di Discord è più grave del previsto: 5,5 milioni di utenti a rischio. Proteggete i vostri dati! #CyberSecurity #DiscordBreach
🔗 https://www.tomshw.it/hardware/hacker-violano-discord-55-milioni-di-utenti-a-rischio-2025-10-09
#WhateverThe first link (https://youtu.be/DWyPaw1yGeY) leads to a YouTube page with no verifiable video content, title, description, or details available, suggesting it may be fake, removed, or manipulated (e.g., AI-generated for clicks), with no transcripts or summaries found across searches. The second link (https://youtu.be/WI4U1SVIO3I), titled "Discord forces new terms on users after data breach," discusses a real September 2025 data breach at Discord involving a hacked third-party customer support provider, which exposed user data like emails, names, partial billing info, support chats, and some IDs; it also covers the platform's updated Terms of Service (ToS) and Privacy Policy rolled out around the same time, including broader data usage, forced arbitration, and potential ID/selfie verification, with user backlash over privacy and timing.
The second video is more important for the average person to know, as it covers verifiable real-world events impacting Discord's 150+ million users, including privacy risks and legal changes, whereas the first appears to be misleading or non-substantive content with no practical value.
Top 4 points the average person should be aware of (combining elements from the verifiable breach/ToS details, as the first video offers nothing substantive):
1. #DiscordBreach only affected users who interacted with support or Trust & Safety teams (not all accounts), but exposed sensitive info like emails and IDs—check your email for notifications if you've contacted them recently.
2. The #newToS mandates arbitration for disputes (waiving class actions or jury trials) and expands data collection for AI/training purposes, which many users overlook when clicking "accept" via pop-ups.
3. #Postbreach, watch for increased phishing attempts using leaked data; enable 2FA and avoid sharing more personal info than necessary on platforms.
4. Some #ToSupdates include optional but intrusive ID/selfie scans for age verification, potentially storing biometric data—review policies before agreeing to avoid unintended privacy trade-offs.
The second video is more important for the average person to know, as it covers verifiable real-world events impacting Discord's 150+ million users, including privacy risks and legal changes, whereas the first appears to be misleading or non-substantive content with no practical value.
Top 4 points the average person should be aware of (combining elements from the verifiable breach/ToS details, as the first video offers nothing substantive):
1. #DiscordBreach only affected users who interacted with support or Trust & Safety teams (not all accounts), but exposed sensitive info like emails and IDs—check your email for notifications if you've contacted them recently.
2. The #newToS mandates arbitration for disputes (waiving class actions or jury trials) and expands data collection for AI/training purposes, which many users overlook when clicking "accept" via pop-ups.
3. #Postbreach, watch for increased phishing attempts using leaked data; enable 2FA and avoid sharing more personal info than necessary on platforms.
4. Some #ToSupdates include optional but intrusive ID/selfie scans for age verification, potentially storing biometric data—review policies before agreeing to avoid unintended privacy trade-offs.
BREAKING: US Bank Account Freeze Just Went LIVE! Here's What Happens Next!
TechNadu🚨 Discord confirms a data breach via a third-party customer support vendor.
Attackers exfiltrated user emails, billing metadata, IPs, and chat transcripts — then attempted to extort the company.
No core account data or DMs affected, but the supply chain weakness is evident.
💭 Should platforms like Discord reduce vendor dependencies to limit exposure?
🧠 Follow @technadu for real-time threat alerts, digital privacy insights, and vendor risk analyses.
#DiscordBreach #CyberAttack #Infosec #DataSecurity #Privacy #ThreatIntelligence #CyberAwareness #DataBreach #VendorRisk
DavidThe #Discord breach is yet another example of why no online service should ever be required or even permitted to accept uploaded ID images. If it's necessary to verify ID, or at least age, either do it on device or through an in-person service, or cease operating in the jurisdiction till that necessity ends.
Every one of these services is a data breach waiting to happen, and once the identity documents are breached, as well as being means to identity theft, they can be used for impersonation on every other service requiring uploaded ID. And the ability to re-use the uploaded ID proves the futility of that form of verification anyway.
Just like biometrics, visual verification of ID cards only has security value when done in-person. All the requirements of ID image uploading are just security theatre, which shift liability from the service to the user while magnifying the harm to which they're exposed.
#DiscordBreach #dataBreach #privacy #ageVerification #chatControl
The DefendOps DiariesDiscord's recent breach—via a third-party vendor—shows even trusted platforms can falter. How safe is your digital world when one weak link could expose it all? Read on for a deep dive into this wake-up call for online security.
#discordbreach
#thirdpartyrisk
#datasecurity
#cybersecurity2023
#digitaltrust
Chris Merkel 🐀👨🏼🍳Now we get to stand back and watch all the AI bots report that Discord was breached. That's gonna happen because people on the internet are going to talk about Discord being breached without any further organizational specificity, repeating over and over that Discord suffered a massive breach that affected the private info of so many users. #discordbreach #wellpoisioningforthelulz