Discord revealed Wednesday that about 70,000 users may have had sensitive data, including government ID photos, exposed after hackers infiltrated a third-party vendor the platform uses for age-related disputes.
Discord users will file an “age-related appeal” if the platform suspects they may be underage, or if they live in a location that requires identification to access the platform. In such cases, users will be asked to send a selfie with their government ID and Discord username to the platform's Trust & Safety team.
Discord said it has contacted affected users, but the leaked data may also include IP addresses, which could reveal general information about a user's location.
According to news site 404 Media, this data breach may be larger than anything previously reported by Discord. The hackers claim to have stolen 1.5 terabytes worth of data, which may include well over 70,000 images. A Discord spokesperson told The Verge that these claims are “inaccurate and part of an attempt to extort payment.”
The data breach of Discord users illustrates concerns expressed by digital rights activists about the use of age verification as a means to make the internet “safer.”
Age verification laws, which require users to upload sensitive information such as government IDs exposed in the latest breach, are enacted in about half of U.S. states and typically target websites hosting pornography. Pornhub, one of the most popular adult video sites, has completely blocked traffic from these states to avoid mandatory age verification.
The UK's Online Safety Act, which came into force in July, requires a wider range of platforms to verify the age of users, including YouTube, Spotify, Google, X and Reddit.
tech crunch event
San Francisco | October 27-29, 2025