博客

[FCE] Hack of age verification firm may have exposed 70,000 Discord users’ ID photos | Social media | The Guardian

收听本期播客

阅读正文

In a troubling development for online security, Discord, a popular messaging platform widely used by gamers, has fallen victim to a significant cyberattack. Hackers recently infiltrated a third-party company responsible for handling Discord’s age verification processes, potentially exposing the personal data of approximately 70,000 users worldwide. The compromised information includes government-issued ID photos, names, email addresses, and some private messages exchanged with customer support. Fortunately, no passwords or complete credit card details were accessed. However, the attacker is now attempting to extort money from Discord by threatening to release the stolen data.

Discord, which has been operating for a decade, provides a space for users to connect via text, voice, and video chats. In several countries, including the UK, laws such as the Online Safety Act, introduced in July 2025, require platforms to verify users’ ages to shield younger individuals from harmful content. This often involves submitting official identification documents, especially when users are locked out of accounts and need to confirm their age. While this aims to enhance safety, it also makes companies managing sensitive data attractive targets for cybercriminals.

The breach came to light last week, though the full extent of the ID photo leak was only recently confirmed. Discord has acknowledged that an unauthorized individual accessed data through one of its external customer service providers. The company is taking steps to resolve the issue, but cybersecurity experts warn that such breaches are becoming increasingly frequent. They stress that even when tasks like age verification are outsourced, the primary company bears the responsibility for safeguarding user information. In response, the UK’s Information Commissioner’s Office has launched an investigation to ensure that appropriate measures are implemented.

This incident underscores broader concerns about online privacy and data protection. As more personal information is shared on digital platforms, the risks of such breaches grow, often with serious consequences for affected users. It also highlights the difficult balance companies must strike between ensuring user safety and protecting sensitive data. As cyber threats continue to evolve, both users and companies face mounting challenges in securing personal information in an increasingly connected world.

阅读练习

1. What is the main issue reported about Discord in the article?

  • A. A decline in the number of active users
  • B. A cyberattack exposing user data
  • C. A failure to comply with new laws
  • D. A technical problem with video chats

2. What type of information was NOT stolen in the breach?

  • A. Government-issued ID photos
  • B. Email addresses
  • C. Passwords
  • D. Private messages with support

3. Why are platforms like Discord required to verify users’ ages?

  • A. To prevent users from accessing paid features
  • B. To protect younger users from harmful content
  • C. To ensure users are from specific countries
  • D. To improve the platform’s security features

4. What do cybersecurity experts suggest about data breaches?

  • A. They are rare and easily preventable
  • B. They are becoming less of a concern
  • C. They are increasingly common
  • D. They only affect smaller companies

5. What does the article imply about the balance companies like Discord must achieve?

  • A. It is easy to protect data while ensuring safety
  • B. It is challenging to maintain user safety and data protection
  • C. User safety is less important than data protection
  • D. Data protection laws are unnecessary for user safety