Close Menu
    Europa

    Violazione dei dati di Discord: estorsioni di 1,5 TB di dati e 2 milioni di foto di documenti d’identità governativi

    Share.
    View 29 Comments

    29 commenti

    1. BeardedBaldMan on

      There’s a bigger question here, “Why were the images of ID cards being held for one second longer than was necessary to confirm age?” secondly “Why were these images stored without being encrypted?”.

      I know what the answer partially is. It’s because they decided to use a generic ticketing platform not designed for PII for their PII sensitive processes.

    2. blogabegonija on

      This is eventually the future humanity is not ready for.

      Amen.

    3. edparadox on

      > Discord Data Breach – 1.5 TB of Data and 2 Million Government ID Photos Extorted

      Thank the UK for showing how stupid these laws are.

    4. Goatmannequin on

      So if I hoarded 2 million government IDs and then lost control of them as a private citizen, you know what would happen to me? Why aren’t these people in jail?

    6. Uhu0451 on

      This is a good reminder not to blindly follow what the government suggests. It’s not safe at all.

    8. r3dm0nk on

      Somewhere in that leak there’s a ticket with my discord nick

      That ticket is me snitching on one person breaking discord TOS because they were annoying a-hole

      I regret nothing

    9. Fun-Needleworker-794 on

      How many of those images will be used for ID fraud and AI models? Will the government care?

    10. LitmusPitmus on

      The fraud fallout of this is going to be bad. And the world has changed, banks are are on the hook for a lot more than they should be tbh. I would be furious at the government for this nonsense

    11. ShowBoobsPls on

      Can’t wait for the EU version of OSA to kick in…

      I hope I can avoid most of the verification stuff with a VPN

    12. SaraHHHBK on

      I see protecting the kids is working great.

      Companies need to be made responsible and people put in jail.

    14. Diggalumbolo on

      Company Leaders have to be accountable for every Action of their fucking Company!

    18. kagalibros on

      This is what I have been warning everyone about and have advised against as a cyber security analyst and expert consultant but no, never listen to me because the consultant grifter crypto finance bro is always right…

      I hope the EU squeezes them dry.

    23. T0ysWAr on

      My take is that we need to work on an open standard for government ID that protects privacy.

      This was well done for Covid app in UK

      Trying to simplify it:

      – you generate a private key in your phone’s Secure Enclave

      – you register the public keep with the government in a government ID service

      – the government ID service provide a derived public key service that merchants can reach to get a unique instance of a derived public key for your id

      Merchant don’t need any personal info

      You can auth to their service with your gov ID (no more passwords, local 2FA on your phone).

      You have a different public key for each merchant (no tracking)

    25. -CynicalPole- on

      It’s not the corps to blame for this, corps are what corps always has been. It’s stupid ass governments making such nonsense as age verification mandatory to blame – but then, not even giving a slightest fuck how it is handled.

    27. Butterbackfisch on

      Make TeamSpeak 6 without the mandatory account and I will never use discord again.

    28. Circo_Inhumanitas on

      Sucks for the people who’s ID’s got leaked, but I’m glad this happened so quick. Maybe now higher ups will recognize how incredibly stupid age verification like that is.

    29. smh_username_taken on

      Even without evil intent, keeping data secure is hard work, and if they don’t have to do it, they won’t, in the interest of cost control. Beyond actual tech giants like google, meta, apple that both have huge budgets and actual oversight from EU, and maybe some heavily regulated financial companies, anything customer facing is cowboy territory, if discord can’t keep it safe, you can forget about everyone else who is smaller. Usually these platforms have no alternatives so you can’t even “choose the more secure alternative”

    Leave A Reply