Massive Data Breach on Discord! "Selfies You Thought Were Deleted" - The Biggest Weakness Created by Age Verification

In October, Discord disclosed that an external customer support contractor was compromised, potentially affecting around 70,000 users. The breach may have included ID images, names, emails, the last four digits of some payment information, IP addresses, and interactions with support. However, Discord denied the attackers' claims of **"1.5TB and 2.1 million images"** as exaggeration for extortion purposes. Official email notifications were sent to affected users, and investigations are ongoing in collaboration with authorities. On social media, there is a mix of distrust and anger, with questions like **"Is the ID deletion true?"**, criticism of the risks of centralized data storage due to regulations, calls for fact-checking, and practical advice such as phishing warnings and recommendations for two-factor authentication. The lessons from this incident include minimizing age verification data, limiting access permissions for contractors, and adopting zero-knowledge age verification to reduce recurrence.