News Tech

Discord.io suffers massive data breach, announces closure

Discord.io, a service that allowed users to create custom links for their Discord channels, is closing down following a

Discord.io suffers massive data breach, announces closure

.io, service that allowed users to create custom links for their Discord channels, is closing down following a large data breach.

A stole the data of 760,000 users, per TechRadar, and has posted a sample on Breached Forums in order to potentially sell it. The discord.io site displays a message saying “we are stopping all operations for the foreseeable future”.

The third-party service has broken down exactly what is and isn't contained in the stolen data in a .

What is contained in the breach:

Non-sensitive information about your account:

Your internal ID.

Information about your avatar.

Your status (moderator/admin/has ads/banned/public/etc).

Your coin balance, and current streak in our free minigame.

Your API key ( does not give access to your account, and was only available to than a dozen users).

Your registration date.

Your last payment date and the expiration date of your premium membership.

Potentially sensitive information about your account:

Your username.

Either the one you provided at signup, or, for most of you, your current Discord username.

Your Discord ID.

This information is not private and can be obtained by anyone sharing a server with you. Its in the breach does, however, mean that other people might be able to link your Discord account to a given email address.

Your email address.

Either the one you provided at signup, or, for most of you, your current Discord e-mail address.

Your billing address.

This should only concern a small number of people and corresponds to the billing address you gave us in order to make a purchase on our site before we began using .

Your salted and hashed .

This should only concern a small number of people before we exclusively offered Discord as a option (starting in 2018). While your password was encrypted to industry standards, if it was not unique, we urge you to update any other site that might have used this password.

What is not contained in the breach:

Anything not explicitly listed above.

Your payment details (those are stored safely by our partners Stripe and ).

The service says it has cancelled existing premium subscriptions. They add that they've yet to be contacted by the hacker, and as far as they know “the database itself has no yet been shared publicly”.

About Author

Leave a Reply

SOFAIO BLOG We would like to show you notifications for the latest news and updates.
Dismiss
Allow Notifications