Discord.io has suffered a major data breach where a hacker stole data from 760,000 users.
Discord.io is a third-party service from Discord that helps users generate custom invites for their channels.
This platform is used by several groups, including operators of IPTV services, to communicate with customers and potential subscribers.
Here’s a comprehensive breakdown of what’s going on and what steps you should take if you’re affected.
Discord.io Data Breach – What Happened?
Discord.io, a third-party custom invite service for Discord, reported a significant data breach that affected about 760,000 of its users.
This platform, although not officially affiliated with Discord, offers server owners the ability to generate custom invitations to their channels.
The breach came to light when an individual named ‘Akhirah’ advertised the sale of the Discord.io database on the Breached hacking forums.
This forum, notorious for data breach listings, is the revamped version of a well-known cybercrime platform.
What Data Was Exposed?
The compromised database supposedly consists of the following:
- Email addresses
- Billing addresses (for a minor group of members)
- Salted and hashed passwords (also for a small portion of the user base)
- Discord IDs
While the leaking of Discord IDs might seem benign since anyone sharing a server can access them, the breach’s concern is that people can now associate these IDs with specific email addresses.
LEGAL DISCLAIMER: Yeah IPTV does not own or operate any IPTV service or streaming application. We do not host or distribute any applications. We do not verify whether IPTV services or app developers carry the proper licensing. The end-user shall be solely responsible for media accessed through any device, app, addon, or service mentioned on our Website.
For 100% legal IPTV service, Yeah IPTV recommends Vidgo.
After confirming the breach’s authenticity, Discord.io immediately suspended its services and began the shutdown process.
This move was further substantiated by a message on their official Discord server.
They also initiated the cancellation of all active paid memberships. However, as of now, the actual root cause or mode of the breach remains undisclosed.
Interestingly, the perpetrator, Akhirah, confirmed not contacting Discord.io about the breach.
Behind the Breach: Not Just About Money
Discord.io functions as a hub for individuals to find and join Discord servers based on different interests, from gaming to anime and more.
It even has a virtual currency system called Discord.io Coins, which some servers require for joining.
Akhirah, when questioned about the intention behind the breach, pointed out that their primary concern wasn’t just financial gain.
The hacker accused Discord.io of indirectly supporting servers and encouraging illicit and harmful content.
Their prime example: servers that reportedly promote pedophilia. They expressed their desire for Discord.io to blacklist such servers rather than turn a blind eye.
Additionally, Akhirah mentioned that most interested parties want the database for “doxing” or targeting people they have issues with rather than a genuine concern for illegal content.
The hacker seems to be waiting for Discord.io’s move, suggesting they might negotiate to remove harmful content in return for withholding the data.
Immediate Steps for Discord.io Members
If you’ve been a part of the Discord.io community, it’s crucial to understand the potential risks:
- Passwords: The passwords in this breach were hashed using bcrypt. This encryption makes the passwords challenging to crack due to its resource-intensive nature. Nonetheless, it’s always a good practice to change your password after such incidents.
- Phishing Attacks: With email addresses compromised, be wary of any unexpected emails, especially those prompting you for passwords or personal details.
- Stay Updated: Keep an eye on Discord.io’s official website or channels for any updates about the breach, potential password resets, or communications from the platform.
In an age where online platforms are increasingly becoming prime targets for cyber-attacks, users must be vigilant and informed.
This breach serves as a reminder of the importance of digital security and the need for platforms to prioritize the well-being and privacy of their users.
While the road ahead remains uncertain for Discord.io, we hope that the situation serves as a lesson for other platforms in maintaining robust security measures and ensuring their community’s safety.
For more information on this story, refer to the report from Stackdiary or the video below.
The official URL for this IPTV service is https://yeah-iptv.com/