2 days ago
6
Messaging level Discord has said the authoritative ID photos of astir 70,000 users person been stolen by hackers.
The app, which is fashionable with gamers and teenagers, said the hackers targeted a steadfast liable for verifying the ages of its users. Discord said its ain level was not breached.
The stolen information could see idiosyncratic information, partial recognition paper numbers and messages with Discord's lawsuit work agents, the steadfast said.
No afloat recognition paper details, passwords oregon messages and enactment beyond conversations with Discord lawsuit enactment were leaked, it added.
Discord said it had revoked the third-party service's entree and was continuing to investigate. It said each affected users person been contacted.
"Looking ahead, we urge impacted users enactment alert erstwhile receiving messages oregon different connection that whitethorn look suspicious," it said.
Until recently, a hack similar this could not person happened, due to the fact that companies had nary request to process and cod proofs of age.
Now, truthful galore governments are pursuing the UK and introducing property verification for unsuitable oregon pornographic contented that a institution similar Discord has to rotation retired property checks for a decent information of its 200 cardinal progressive users.
It's a spot similar the mode that shops person to cheque your property if you're buying intoxicant - lone due to the fact that it's online, it comes with a batch of further complications.
A shop, for instance, won't support a transcript of your passport erstwhile they've checked your age.
And it decidedly won't support it successful a monolithic (yet strangely light) harmless on with thousands of different passport photocopies, stored close by its beforehand door, acceptable to beryllium taken.
Online, it's amazingly casual to bash conscionable that.
Read much connected Sky News:
AI 'distorting women online'
Pros and cons of integer IDs
Impact of caller online information rules
It's worthy noting that the property verification strategy utilized by Discord wasn't hacked itself. That strategy asked radical to instrumentality a photograph of themselves, past utilized bundle to estimation their age. Once the cheque was complete, the representation was instantly deleted.
The occupation came with the appeals portion of the process, which was supplied to Discord by an as-yet-unnamed 3rd party.
If idiosyncratic thought that the property verification strategy had wrongly barred them from Discord they could nonstop successful a representation of their ID to beryllium their age. This postulation of images was hacked. As a result, Discord says, much than 70,000 IDs are present successful the possession of hackers.
(The hackers themselves assertion that the fig is overmuch bigger - 2,185,151 photos. Discord says this is incorrect and the hackers are simply trying to extort money. It's a messy situation.)
There are ways to marque property verification safer. Companies could halt storing photograph ID, for lawsuit (although past it would beryllium intolerable to cognize for definite if their checks were correct).
And advocates of ID cards volition constituent retired that a due authorities ID could debar the request to nonstop pictures of your passport simply to beryllium your age. You'd usage your integer ID instead, which would enactment safely connected your device.
But the champion mode to halt information being hacked is not to cod it successful the archetypal place.
We're astatine the commencement of a defining trial - tin governments really constabulary the internet? Or volition the measures that are expected to marque america safer really extremity up making america little secure?
English (US) ·