Discord Data Breach Plot Thickens As Third-Party Firm Denies It Was Hacked

A recent Discord data breach, which included users’ government issued IDs, has taken taken another twist after the hackers disputed the accuracy of the company’s disclosure. This time, 5CA, the contracting company Discord pinned the blame on for the breach says that its systems were never compromised.

5CA is speaking out after seeing multiple media reports that claimed it was the source of the sensitive data that was stolen. The company says that “contrary to these reports, we can confirm that none of 5CA’s systems were involved, and 5CA has not handled any government-issued IDs for this client. All our platforms and systems remain secure, and client data continues to be protected under strict data protection and security controls.“

Muddying the waters further, 5CA shared early findings from its investigation into this incident and believes it stems from “human error.” However, the company doesn’t explain what that human error might have been, nor does it state if that individual works for it or for Discord.


This has been a bit of a wild cybersecurity ride, with all three of the involved parties making conflicting statements about the incident. Hopefully, once thorough investigations have been completed by both 5CA and Discord, both companies will release the reports and provide full transparency.

Ultimately, this saga shows how risky it is for companies to hold onto data as sensitive as government issued IDs. However, with more governments demanding that apps and services conduct age verification checks, incidents such as this one will become more common.

Although, maybe seeing how this current breach is being handled might give lawmakers pause about continuing to push for age verification schemes that could end up harming citizens.