Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Third-party services. Show all posts

Discord.io Acknowledges Data Breach: Hacker Exposes Information of 760K Users

 

The Discord.io custom invitation service has temporarily ceased its operations due to a data breach that has exposed the personal details of approximately 760,000 members.

Discord.io, while not an official Discord platform, functions as a third-party service that enables server owners to generate custom invitations for their channels. The community largely revolves around the service's Discord server, boasting a membership of over 14,000 users.

According to the threat actor, the database contains the information for 760,000 Discord.io users and includes the following types of information:

"userid","icon","icon_stored","userdiscrim","auth","auth_id","admin","moderator","email","name","username","password","tokens","tokens_free","faucet_timer","faucet_streak","address","date","api","favorites","ads","active","banned","public","domain","media","splash_opt","splash","auth_key","last_payment","expiration"

The breach has exposed sensitive information, including usernames, email addresses, a small number of billing addresses, salted and hashed passwords (in a limited number of cases), and Discord IDs. The disclosure of Discord IDs, while not deemed private, raises concerns about the potential linkage of Discord accounts to specific email addresses.

Following initial reporting by StackDiary, Discord.io has acknowledged the breach's legitimacy through notifications on its Discord server and website. Consequently, the service has taken the decision to temporarily suspend its operations.

A statement on the Discord server of the service conveys, "Discord.io has fallen victim to a data breach. We are halting all activities indefinitely." More information is available on their designated "#breach-notification" channel, and an identical message is slated for an upcoming update to the website.

Discord.io's website outlines a sequence of events that led to their discovery of the breach subsequent to a post on a hacking forum. The veracity of the leaked data was swiftly confirmed, prompting the temporary shutdown of services and the discontinuation of all paid memberships.

Discord.io maintains that it has not received any communication from the responsible party behind the breach, nor has it disclosed details regarding the method of infiltration.

In a conversation with the seller of the Discord.io database, identified as Akhirah, BleepingComputer verified that the Discord.io operators have not engaged in dialogue with them. Akhirah emphasized that their motivations extend beyond financial gain. 

They assert concerns about Discord.io's alleged associations with illicit and harmful content, emphasizing a desire for the removal of such content in lieu of selling or releasing the pilfered database.

The Discord.io platform functions as a directory facilitating searches for Discord servers aligned with specific interests, providing access via invitations that sometimes require the site's virtual currency, Discord.io Coins. The site's terms of use allocate responsibility for content to its members, although the operators retain the right to eliminate any content deemed illegal or violative of guidelines.

Archived versions of the site display a range of Discord servers catering to diverse interests, encompassing areas like anime, gaming, and adult content. Akhirah underscored concerns over the sale of the database, not solely for financial purposes, but due to the platform's purported links to objectionable and illegal materials.

The hacker also indicated that while significant interest surrounds the database, the majority emanates from individuals seeking to exploit it for purposes such as doxing adversaries. Akhirah expressed a preference for the Discord.io operators to address the alleged offensive material's removal from the site as a condition for not disseminating the stolen database.

Discord.io members are advised to exercise caution, as the hacker affirms that the database has not been sold; however, members should remain vigilant against potential misuse of their data. The passwords compromised in the breach are secured using bcrypt, which is computationally intensive and resistant to rapid decryption. Nevertheless, the leaked email addresses could be exploited for targeted phishing endeavors, facilitating the theft of further confidential information.

Therefore, individuals associated with Discord.io should remain alert to unsolicited emails containing links to websites soliciting passwords or additional personal details. For updates pertaining to the breach, the primary website should be monitored, as it is expected to provide guidance on potential password resets and communications from the service.