At a glance.
- Discord at Discord.
- US bank discloses data breach.
Discord at Discord.
Instant messaging and VoIP social platform Discord has begun notifying impacted users of a data breach discovered in March. Bleeping Computer reports that a network intrusion at a third-party service provider led to the hack of an account belonging to a customer support agent. The agent's support ticket queue, user email addresses, support messages, and support ticket attachments were among the exposed data. Upon learning of the breach, Discord quickly deactivated the account and opened an investigation to determine the scope of the breach. The Discord Privacy Team wrote in the letters mailed to impacted users, “On June 13, 2023, Discord completed the review of the support tickets involved and determined that one or more of those support tickets contained the personal information of one Maine resident including the individual's name and driver's license or state identification card number." The data of approximately one hundred eighty users were compromised. It’s worth noting Discord.io, a third-party and unofficial Discord invite service, also disclosed a massive data breach last week that exposed information belonging to around 760,000 members, forcing the service to shut down. The alleged hacker has already posted a Discord.io database for sale on hacking forum Breached. At first glance it does not appear that the two incidents are linked, but regardless, it’s been a bad few months for Discord.
US bank discloses data breach.
US financial institution MidFirst Bank filed a notice of data breach with the Attorney General of Texas earlier this week. Based out of the state of Oklahoma, the bank also serves customers in Arizona, California, Colorado, and Texas. As JDSupra notes, it is unclear at this point whether the target was MidFirst’s IT network or that of one of the bank’s vendors. Upon learning of the breach, MidFirst reviewed the impacted files and determined that the compromised data include customer names, Social Security numbers, and financial account information. On August 22, the same day that the bank filed with the Attorney General, it also began notifying affected individuals, which includes over 20,000 people in the state of Texas alone.