Hackers Threaten to Leak 2.1M Discord Users’ Passports, Licenses in Extortion Attack

Hackers have reportedly stolen more than two million government identification photos from Discord’s third-party support system and are now threatening to leak them unless the company pays a ￰2￱ breach, which occurred on September 20, involved Discord’s Zendesk instance, a customer service platform used by the company to handle user support and trust-and-safety inquiries. 2.1M Passport and License Photos Leaked in Discord Vendor Hack According to cybersecurity research group VX-Underground, the attackers claim to have exfiltrated 1.5 terabytes of data, including approximately 2,185,151 images tied to age verification ￰3￱ images consist of passports and driver’s licenses submitted by Discord users attempting to verify their age after being flagged by the platform’s automated moderation system.

Chat, we are cooked Discord is being extorted by the people who compromised their Zendesk instance They've got 1.5TB of age verification related photos. 2,185,151 photos tl;dr 2.1m Discord users drivers license and/or passport might be ￰4￱ number of e-mails — vx-underground (@vxunderground) October 8, 2025 In an update posted to its blog on October 3, Discord confirmed that an “unauthorized party” had accessed its third-party Zendesk ￰5￱ company said the incident affected a “limited number of users” who had contacted its Customer Support or Trust & Safety ￰6￱ emphasized that its own servers were not breached, and no user passwords, private messages, or authentication data were exposed.

However, the attackers’ claims go far beyond Discord’s initial description of a limited incident. VX-Underground shared screenshots of sample ID images allegedly taken from the breach, saying Discord was being extorted for the stolen ￰7￱ September 20, Discord experienced a security incident involving its customer service ￰8￱ incident resulted in the exposure of users' names, usernames, email addresses, limited payment information, IP addresses, and messages exchanged with customer ￰9￱ — Discord Previews (@DiscordPreviews) October 3, 2025 The leaked files reportedly include photos of passports, driver’s licenses, and other identity documents used for ￰10￱ has not confirmed the authenticity of the leaked samples but acknowledged that some ID photos were among the data ￰11￱ Discord’s official disclosure sought to minimize the scale of the incident, VX-Underground and other cybersecurity observers presented a different picture, alleging that the attackers are in possession of over 2.1 million user verification ￰12￱ group also published samples of the stolen documents to substantiate their claims and confirmed that Discord is being extorted to prevent a public ￰13￱ Discord clarified that full credit card numbers, CCV codes, and private messages were not exposed, experts warn that the stolen details could still be exploited for phishing, identity theft, or social engineering attacks.

Update: We have become aware that the perpetrators of this attack claim to have obtained 1.5 TB of age-verification photos totalling 2,185,151 images, which they are now using to extort Discord. ￰0￱ ￰14￱ — Discord Previews (@DiscordPreviews) October 8, 2025 The breach has reignited concerns over how digital platforms handle identity verification ￰15￱ users have expressed frustration online, noting that the company previously stated age verification information would be deleted immediately after ￰16￱ say the storage of appeal-related documents created an unnecessary privacy risk, as these images were kept on external ￰17￱ Hack Ignites UK Debate Over Digital ID Plans Security analysts say the breach highlights a recurring flaw in data-handling practices: even when companies outsource functions like customer support, sensitive information can remain exposed if vendors are not held to the same security ￰18￱ this case, attackers appear to have targeted Discord’s Zendesk environment directly rather than its primary infrastructure, taking advantage of the external system’s access ￰19￱ fallout from the incident has also spilled into broader political discussions in the United Kingdom, where the news has fueled public opposition to the government’s planned national Digital ID program.

I have received countless requests to campaign against digital ￰20￱ petition, at 2.8 million signatures shows: This is no fringe ￰21￱ is a national ￰22￱ here. ￰1￱ — David Davis MP (@DavidDavisMP) October 8, 2025 Following reports of the Discord hack, a petition opposing the initiative has surpassed 2.8 million signatures, with critics citing the breach as proof of the dangers of centralized digital identification systems that store large volumes of sensitive ￰23￱ Discord attack follows a series of similar intrusions targeting third-party service providers across the tech industry. Zendesk, which provides helpdesk software to numerous firms, has been used as a backdoor in several past ￰24￱ said it is now reviewing all external vendors and auditing access permissions to prevent future ￰25￱ of this week, the extortionists have not disclosed the ransom amount or the deadline for ￰26￱ enforcement agencies in the United States and Europe are reportedly investigating the case, but the authenticity of the hackers’ full dataset has yet to be independently ￰27￱ breach comes amid a renewed focus on digital identity security and user ￰28￱ year, Privado ID, a spin-off from Polygon Labs, introduced a web wallet that allows users to verify their age and identity using zero-knowledge proofs , a cryptographic method that confirms personal details without exposing underlying ￰29￱ technology has been touted as a privacy-preserving alternative to traditional document uploads like those used by Discord’s age verification process.