While your password was encrypted to industry standards, if it was not unique, we urge you to update it on any other site where it might be similar.ĭiscord.io does not store any payment information, and all payments are processed through PayPal and Stripe. This should only concern a small number of people from before we exclusively offered Discord as a login option (starting in 2018).This should only concern a small number of people and corresponds to the billing address you gave us in order to make a purchase on our site before we began using Stripe.Either the one you provided at signup, or, for most of you, your current Discord e-mail address.Its inclusion in the breach does, however, mean that other people might be able to link your Discord account to a given email address. This information is not private and can be obtained by anyone sharing a server with you.Either the one you provided at signup, or, for most of you, your current Discord username.Potentially sensitive information about your account: Your last payment date and the expiration date of your premium membership.Your API key (this does not give access to your account, and was only available to less than a dozen users).Your coin balance, and current streak in our free minigame.Your status (moderator/admin/has ads/banned/public/etc).What data was leaked? Non-sensitive information about your account: The attacker then proceeded to download the entire database, and put it up for sale on a 3rd party site. We are still investigating the breach, but we believe that the breach was caused by a vulnerability in our website's code, which allowed an attacker to gain access to our database. We were made aware of the breach later on in the day, and after confirming the content of the breach, we decided to shut down all services and operations.
On the night of the 14th of August, Discord.io suffered a major databreach, resulting in content from our database being leaked to unknown actors.
0 kommentar(er)
