Discord.io shuts down after the data breach incident

Discord.io has temporarily shut down its operations after the data breach that affected 760k users. Currently, you can't reach the website, and it welcomes you with a message that mainly talks about the reasons behind the closure.

On Tuesday, Discord.io acknowledged that it had experienced a "major data breach," which led to a hacker obtaining the whole database. Discord.io released a statement saying, "We were made aware of the breach later in the day, and after verifying the content of the breach, we decided to shut down all services and operations."

"This information is not private and can be obtained by anyone sharing a server with you. Its inclusion in the breach does, however, mean that other people might be able to link your Discord account to a given email address," said Discord.io.

What happened to Discord.io?

Recently, someone using the name "Akhirah" advertised the sale of the Discord.io database on the newly established Breached hacking forums. Four user profiles from the stolen database were supplied as proof of the acquisition. For those who are unfamiliar with Breached, it replaces a well-known cybercrime site that was well-known for sharing and selling data stolen in prior breaches.

Both sensitive and nonsensitive data, including usernames, Discord IDs, emails, billing addresses, passwords, coin balances, API keys, registration dates, internal user IDs, and more, were exposed in the incident. No payment information is kept on the website's servers.

'Akhirah' claims that the hacked collection contains information on 760,000 Discord.io users, emphasizing the following information:

"userid","icon","icon_stored","userdiscrim","auth","auth_id","admin","moderator","email","name","username","password","tokens","tokens_free","faucet_timer","faucet_streak","address","date","api","favorites","ads","active","banned","public","domain","media","splash_opt","splash","auth_key","last_payment","expiration"

Data on 760,000 Discord.io members, according to the hacker who goes by the name "Akhirah," is said to have been stolen. According to Akhirah, the attack was partially driven by Discord.io's purported ties to child sex abuse content. If Discord.io removes those connections, the hacker informs Bleeping Computer that they are willing to keep the stolen data private, but the information is now being sold on a hacking site.

Discord.io is "still investigating the breach, but we believe that the breach was caused by a vulnerability in our website's code, which allowed an attacker to gain access to our database."

Advertisement