Did you know you can configure Google to filter junk? Take these steps to improve search results, including adding my work to Lifehacker as a preferred source.
On Friday, October 3, Discord announced that the third-party service provider it uses to serve clients has been hacked. He warned that it affected a “limited number of users” who were communicating with certain Discord teams, although the “unauthorized party” did not gain direct access to any Discord network.
In this initial announcement, Discord stated that certain types of user data may have been stolen. This included their names, usernames, email addresses, payment information, last four digits of credit cards, purchase histories, IP addresses, messages with Discord service agents, and “limited corporate data” such as training materials and internal presentations.
Although all this information is confidential, it is unfortunately not surprising that it is part of such a breach. However, Discord also reported that the hackers may have also gained access to a “small number” of images of government IDs, including driver's licenses and passports. As it turned out, this “small number” turned out to be 70,000. Discord confirmed this in The Verge on Wednesday. If you were among these affected users, Discord will contact you via email.
Age verification is a privacy nightmare
Why did the Discord branch even have government IDs for these users? Age verification. Like many other companies, Discord now restricts certain content to minors. If you have been incorrectly identified as a minor, you have the right to appeal and prove that you are over 18 years old. To do this, you need to take a photo with your photo ID and date of birth, or a piece of paper with your full Discord username. Discord is outsourcing this work to a third party that was targeted by hackers in a data breach.
What are your thoughts so far?
As reported by 404 MediaThe hackers believe they have captured even more data than Discord has confirmed. This includes data about whether users have been verified or not; users' home cities, states or counties, and countries; information about whether multi-factor authentication is enabled for their account; and they were last online on Discord.
The event highlights the risks of companies requiring users to prove their age by uploading government-issued IDs. Users in Texas must prove their age before they can download apps to their phones, while a number of states require the same before accessing adult websites. No matter where you live, YouTube will use artificial intelligence to guess your ageand if he is wrong, you will have to prove your age yourself.
The goal is to protect children and minor users from accessing content they shouldn't see, but by doing so, companies put users at risk: They ask you to trust them with your government-issued IDs, credit cards, and even selfies; or, if not them, a third party affiliate. As we see in this case, the security breach means that tens of thousands of Discord users who were simply trying to prove their age have now exposed their government IDs. What happens when people across the state experience the same thing? Or an entire country?
