If you’re not familiar with Discord, it’s a chat service that first opened to the public in 2015 and quickly grew in popularity having a base of 3 million users just one year later in 2016. Now in 2023 there are over 150 million users, and the platform has been valued at $7 billion.
Discord filled a niche that had been previously left vacant since chat services like AOL and MSN were discontinued. In the early 2000’s to 2010’s forum-based communication rose in popularity and left many chat rooms empty.
Now as trends have changed, chat has seen a resurgence in popularity with Discord acting as a vector for many special interest groups to gather and discuss their hobbies, or for consumers to follow live updates about a product they’re interested in and even speak directly with its creators and get an inside look into the development process. No matter what your interest is, gaming, home improvement, DIY, art, music – there’s probably a Discord channel dedicated to it.
Discord.io was a third-party website that allowed users to find and share chat channels, we’re unfortunately saying was because after the breach they announced their services would be closed for the “foreseeable future”.
On the website it says “"We are still investigating the breach, but we believe that the breach was caused by a vulnerability in our website's code, which allowed an attacker to gain access to our database. The attacker then proceeded to download the entire database, and put it up for sale on a [third] party site,". They’ve also listed the information that was released in the breach which included users encrypted passwords, their email and username, and even billing and payment information if they partook in a premium membership through the site.
While they’re not directly associated with Discord, this breach will still have an effect on Discord itself not just because this service has been discontinued but because of the overlapping data Discord and a Discord-centric third party application will have.
The unfortunate rub of it is when you utilize third party vendors for the products and services you use you’re sharing the same information with them as you are with everyone else, and a breach through an outside vendor can effect you as much as a breach to your business directly.
That’s why it’s important to vet your vendors and have protections in place to limit the effects a data breach can have. Protections can include:
- If the breach involves financial data that could be used for identity theft, consider freezing your credit. This will limit the damage someone can do with your identifying information. If you’re not ready or aren’t able to freeze your credit, then we suggest credit monitoring at the very least (often provided for free by banking and credit card companies).
- Don’t use the same password from one account to another. As we mentioned, password data was leaked in the Discord.io breach. While it’s encrypted data which is a good protection, many of these passwords will be cracked, and the people who purchased this information will try the password on users other accounts such as their email. If you use a different password for all of your accounts in unison with a password manager then a password leaked in a breach will only effect one account, greatly limiting the damage that can be done.
- Similarly to above, to protect your accounts from intrusion you SHOULD be using MFA (Multi-Factor Authentication). We recently posted another article outlining the benefits of MFA, but in a nutshell if a hacker has gotten enough information about you from data breaches they may be able to utilize it to gain access to your accounts – even WITHOUT a password. MFA will stop most hackers in their tracks.
Even with protecting yourself, it’s still a good idea to try to limit the funnel of information about you or your business that can unknowingly end up on the web through third party breaches. Here are 5 additional ways to protect your data:
Want to learn more about how to recover from a data breach, boost your cyber security readiness, or gain additional insight in the kinds of questions you should be asking your vendors about your data? Valley Techlogic can cover all these topics and more. Schedule a consultation with us today.
Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://twitter.com/valleytechlogic.
You must be logged in to post a comment.