According to the messaging platform Discord, the official ID photos of around 70,000 users were stolen by hackers. The app, popular with gamers and teenagers, said the hackers targeted a company responsible for verifying the age of its users. Discord said its own platform had not been hacked.<\/p>\n
The stolen data could include personal information, some credit card numbers, and messages to Discord customer service representatives, the company said. No full credit card details, passwords, or messages and activity beyond conversations with Discord customer support were leaked, it said.<\/p>\n
Discord said it has revoked access to the third-party service and is continuing to investigate. It said all affected users had been contacted. \u201cLooking forward, we encourage affected users to remain vigilant if they receive messages or other communications that may appear suspicious,\u201d it said.<\/p>\n
Until recently, such a hack could not have happened because companies had no need to process and collect age verification. Many governments are now introducing age verification for inappropriate or pornographic content, which means companies like Discord have to introduce age verification for a significant proportion of its 200 million active users. It’s a bit like how stores have to verify your age when you buy alcohol – just because it’s online brings a lot of extra complications.<\/p>\n
For example, a store won’t keep a copy of your passport after verifying your age. And it definitely won’t keep it in a huge safe, along with thousands of other passport photocopies stored right by the front door, ready to go. Online, it’s surprisingly easy to do just that.<\/p>\n
It’s worth noting that the age verification system used by Discord itself hasn’t been hacked. This system asked people to take a photo of themselves and then used software to estimate their age. Once the review was completed, the image was immediately deleted. The problem arose in the appeal process, which was forwarded to Discord by an as-yet-unnamed third party. If someone thinks the age verification system has mistakenly banned them from Discord, they can submit a photo of their ID to prove their age. This collection of images has been hacked. As a result, more than 70,000 IDs are now in the possession of hackers, according to Discord.<\/p>\n
There are ways to make age verification more secure. For example, companies could stop storing photo IDs (though then it would be impossible to know for sure whether their checks were accurate). And ID card advocates will point out that a proper government ID could avoid the need to send in pictures of your passport just to prove your age. You would instead use your digital ID, which remains securely on your device. But the best way to prevent data from being hacked is to never collect it in the first place.<\/p>\n
We are at the beginning of a crucial test: Can governments actually monitor the Internet? Or will the measures designed to make us safer actually end up making us less safe?<\/p>\n","protected":false},"excerpt":{"rendered":"
Introduction to Discord Hack According to the messaging platform Discord, the official ID photos of around 70,000 users were stolen by hackers. The app, popular with gamers and teenagers, said the hackers targeted a company responsible for verifying the age of its users. Discord said its own platform had not been hacked. Stolen Data The<\/p>\n","protected":false},"author":1,"featured_media":25002,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[14049,2443,6093,14047,14048,14046,14050,493,1069,5540,420,5123,12371,11658],"class_list":{"0":"post-25001","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-age-verification-system","9":"tag-credit-card","10":"tag-customer-relationship-management","11":"tag-discord","12":"tag-instant-messaging","13":"tag-internet-police","14":"tag-internet-safety","15":"tag-mobile-app","16":"tag-password","17":"tag-personal-data","18":"tag-pornography","19":"tag-security-hacker","20":"tag-targeted-advertising","21":"tag-user-computing"},"_links":{"self":[{"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/posts\/25001","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/comments?post=25001"}],"version-history":[{"count":1,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/posts\/25001\/revisions"}],"predecessor-version":[{"id":25003,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/posts\/25001\/revisions\/25003"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/media\/25002"}],"wp:attachment":[{"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/media?parent=25001"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/categories?post=25001"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nanamedia.org\/en\/wp-json\/wp\/v2\/tags?post=25001"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}