A few days ago, I reported on the Discord data breach. Now, the story has taken a new turn. Hackers are claiming they stole information from 5.5 million users through Discord’s customer support system, including government IDs, partial payment details, and other sensitive data. Discord, however, continues to push back, disputing both the scale of the breach and the accuracy of these claims.
The hackers allege they accessed Discord’s Zendesk support platform, a third-party service the company uses for customer support. They claim the breach lasted 58 hours, starting on September 20, 2025, and was made possible through the compromised account of a support agent employed by an outsourced BPO provider. Discord has not confirmed this but has emphasized that the incident involved a third-party service, not Discord’s own systems.
Once inside the portal, the attackers gained access to a support tool called Zenbar, which allowed them to disable multi-factor authentication, look up users’ phone numbers and email addresses, and perform other support-related tasks. They claim to have stolen roughly 1.6 terabytes of data, including 1.5 TB of ticket attachments and over 100 GB of ticket transcripts.
The hackers allege the breach affected 8.4 million support tickets from 5.5 million users, with around 580,000 users’ payment information exposed. They also suggest that more than 70,000 government IDs could have been compromised, based on 521,000 age-verification tickets. In addition, they shared a sample of the stolen data, which includes email addresses, Discord usernames and IDs, phone numbers, partial payment details, dates of birth, multi-factor authentication information, and other internal data.
Discord has disputed these claims, stating that only around 70,000 users may have had their government ID photos exposed. “This was not a breach of Discord, but a third-party service we use to support our customer service efforts,” the company told BleepingComputer. “The numbers being shared are incorrect and part of an attempt to extort a payment from Discord. We will not reward those responsible for their illegal actions.”
The hackers reportedly demanded a ransom of $5 million, later reducing it to $3.5 million, and negotiated with Discord privately between September 25 and October 2. After Discord released a public statement and stopped responding, the attackers threatened to release the stolen data publicly.