Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Cloud customer service platform 5CA says its systems are secure, and “human error” is likely the cause of the breach.
Discord updated its data breach disclosure late last week, adding an important piece of information to its advisory.
“This was not a breach of Discord, but rather a breach of a third-party service provider, 5CA, that we used to support our customer service efforts,” Discord said on 9 October.
“This incident impacted a limited number of users who had communicated with our customer support or trust & safety teams.”
What had started as a relatively simple breach has so far ballooned into an incident impacting tens of thousands of Discord users who had shared government IDs with the chat platform to prove their age.
However, things have gotten even more complex, as 5CA – the third party named by Discord – has said its systems remain secure despite Discord’s claims.
“We are aware of media reports naming 5CA as the cause of a data breach involving one of our clients,” 5CA said in a 14 October holding statement on its website.
“Contrary to these reports, we can confirm that none of 5CA’s systems were involved, and 5CA has not handled any government-issued IDs for this client. All our platforms and systems remain secure, and client data continues to be protected under strict data protection and security controls.”
5CA said it was conducting a forensic investigation of “the matter” and is working with “the client” alongside ethical hackers and cyber security experts.
“Based on interim findings, we can confirm that the incident occurred outside of our systems and that 5CA was not hacked,” 5CA said (emphasis 5CA’s).
“There is no evidence of any impact on other 5CA clients, systems, or data. Access controls, encryption, and monitoring systems are fully operational and, as a precautionary measure, are under heightened review.”
5CA added that based on its investigation so far, the incident may have resulted from “human error” and the company is continuing to look into that possibility.
“We remain in close contact with all relevant parties and will share verified findings once confirmed,” 5CA said.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
