Nearly one million Discord users just had their account details – including usernames, IP addresses, and Discord IDs – exposed in a hacking forum.
However, Discord, the popular chat room service, doesn’t appear to have suffered from a data breach directly. Instead, a third-party backup solution known as RestoreCord has been breached.
As first noticed by cybersecurity website Leakd, a file containing a massive leak of Discord user data was posted freely on a popular hacking forum called BreachForums. The data, which includes users’ Discord IDs, IP addresses, and usernames, was posted by a BreachForums user with the handle “Sythe.”
Mashable Light Speed
RestoreCord is a service used by some Discord users to backup their servers on the platform. RestoreCord says on its website that it is “the only Discord Bot that you will ever need to protect and recover your server from raids, nukes, and more.” RestoreCord boasts that it serves 99 million members, including 100,000 paying customers, and backs up 55,000 Discord servers.
The FBI seized BreachForums last year after the site became a well-known haven for buying and selling stolen data. However, one of BreachForums’ domains popped back up just a few weeks after the May 2024 takedown.
BreachForums’ founder Conor Fitzpatrick was arrested in 2023 on a range of charges connected to the site. However, Fitzpatrick just recently made news a few weeks ago after a U.S. appeals court overturned the lenient sentence he originally received.
It is unclear as of publishing as to how the data was obtained or if there has been any malicious activity connected to what’s included in the leak. Mashable has reached out to RestoreCord for more information and will update this piece when we hear back.
