Today we discovered a post on Breach Forums in which a threat actor known as “placenta” claims to be selling a massive dataset of scraped Discord messages. According to the post, the actor is offering 348,392,718 individual records, allegedly obtained from Discord servers and spanning users primarily in the United States, France, and Russia.
🚨 Data Breach Alert
A threat actor is allegedly selling a dataset containing 348M+ scraped Discord messages, including user IDs, usernames, messages, timestamps, and more.
#DiscordLeak #CyberAlert #infosec pic.twitter.com/lrn7Xt2VuV— CyberSecurity88 (@CSec88) April 7, 2025
The actor specified the targeted servers as:
“Community/meeting servers, Gaming servers, Largest WW servers”
The data reportedly includes:
- user_id
- username
- display_name
- nickname
- message
- guild_id
- channel_id
- message_id
- reply_id
- timestamp
If legitimate, this could represent one of the largest leaks of Discord communications to date. The method of extraction remains unclear, though large-scale scraping or exploitation of bots and third-party integrations is suspected.
This isn’t Discord’s first brush with security issues. The platform has previously been used to host malware via its CDN, suffered exposed webhooks, and saw Discord.io shut down in 2023 after a breach affecting over 760,000 users. Additionally, phishing attacks have targeted Discord developer accounts and admin tokens.
As of now, Discord has not responded publicly to the alleged breach. Users are urged to remain cautious and update their privacy settings.
Follow us on X and Linkedin for the latest cybersecurity news
