Jay Peters reports:
5CA is a customer service support company that works with Discord. Recently, the chat platform said the vendor had been breached as part of a “security incident” where 70,000 government ID photos may have leaked. Now, 5CA says in a post on its website that it was “not hacked.”
According to Discord, “this incident impacted a limited number of users who had communicated with our Customer Support or Trust & Safety teams,” and “of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals.” The company said that (emphasis Discord’s) “this was not a breach of Discord, but rather a breach of a third party service provider, 5CA, that we used to support our customer service efforts.”
However, on its website, 5CA shared its own statement, which I am including in full below (with emphasis 5CA’s):
We are aware of media reports naming 5CA as the cause of a data breach involving one of our clients. Contrary to these reports, we can confirm that none of 5CA’s systems were involved, and 5CA has not handled any government-issued IDs for this client. All our platforms and systems remain secure, and client data continues to be protected under strict data protection and security controls.
Read more at The Verge.