Discord.io, a third-party service that enables owners of Discord servers to create customized, personal Discord invites, has announced that it would shut down until further notice following a “major data breach” from “unknown actors” on Monday evening.
The breach has affected 760,000 users and the stolen information could include your discord.io username and your Discord ID, your email-address, your billing address, and a salted and hashed password if you signed up in 2018 or earlier.
Payment details are said to be safe because all payments are processed through PayPal and Stripe and the company does not store any payment information on their servers, and this information was not leaked, the company said in an article posted on their website.
Discord.io has confirmed the authenticity of the breach, by an entity acting under the name “Akhirah.” It is important to know that Discord.com is not affiliated with discord.io, a spokesperson from Discord told Stackdiary, “Discord is not affiliated with Discord.io. We do not share any user information with Discord.io directly and we do not have access to or control of information in Discord.io’s custody.”
Discord has revoked the oauth authentication tokens for any Discord user that has used Discord.io, so that app can no longer perform actions on behalf of those users until they re-authenticate3. Affected Discord users should change their passwords and enable multi-factor authentication (MFA).
You can read the full statement of Discord.io on their website – Discord.io has suffered a data breach.
The website’s official twitter also encourages users to directly contact their support team, in connection of the breached.
How to get in touch with DISCORD.IO's support team:
📧 E-mail -> support@discord.io
👥 Discord -> https://t.co/6vwuipbRzF
🐦 Twitter -> Click the button below!We suggest contacting us on Discord for a faster response time.https://t.co/7YMK6e7ovJ
— DISCORD.IO (@discord_io) April 10, 2021
