Download Our Cyber Insights Document on the Discord Data Breach
In early October 2025, Discord disclosed a serious data-security incident arising from the compromise of one of its third-party customer-support/age-verification providers. The vendor’s ticketing system was accessed for a period of approximately 58 hours starting in end September, giving threat actors visibility into support tickets, user names, email addresses, IP addresses, partial billing metadata and even – for a subset of roughly 70,000 users – government-issued ID images submitted for age checks.
Although Discord emphasised its core systems and credentials were not directly breached and full credit-card numbers, CVVs and passwords remain unaffected, the incident highlights a critical vulnerability: the reliance on outsourced partners and the downstream risks when they process high-sensitivity data.
For organisations in tech, online services, gaming and platforms handling identity checks, the key takeaway is clear: vendor management, access monitoring, and incident-response readiness are no longer optional.
Download our Cyber Insights Document on the Discord attack for a detailed breakdown of the breach, including the attacker’s tactics, the root-cause analysis and the lessons every business must apply now. Armed with this insight, your organisation can strengthen its incident response playbook and guard against the next high-impact vendor-driven breach.
Disclaimer: This document has been created with the sole purpose of encouraging discourse on the subject of cybersecurity and good security practices. Our intention is not to defame any company, person or legal entity. Every piece of information mentioned herein is based on reports and data freely available online. Cyber Management Alliance neither takes credit nor any responsibility for the accuracy of any source or information shared herein.
- ** GDPR ** We wholeheartedly believe your and our rights to privacy and in the GDPR. The bottom of the page explains how we use your data.
- Align with the GDPR requirements.
- Increase your Breach Readiness.
- Reduce your time to detect and respond.
Complete the form below to receive a copy of CMA Cyber Insights on the Discord Data Breach
We are industry experienced practitioners when it comes to cyber security training & cyber security consultancy services
Training
We offer a host of courses including our NCSC Assured Training in Cyber Incident Planning and Response and our NCSC Assured Training in Building and Optimising Incident Response Playbooks.
Virtual CISO Services
Hands On, full-support 'Security As a Service', specifically designed for organisations that require access to experienced cybersecurity, governance, risk and compliance professionals.
Virtual Cyber Assistant
A unique, affordable, subscription-based, cybersecurity service for small to medium businesses, offering 280+ services in cybersecurity.
Cyber Crisis Tabletop Exercises
Scenario-based, verbally-simulated tabletop attack exercises that test your organisation's ability to effectively respond to a cyber-attack.
