FB pixel

Discord partner’s manual age verification data breach includes selfies

Age check prompts begin for UK Xbox users
| Chris Burt
Categories Age Assurance  |  Biometrics News
Discord partner’s manual age verification data breach includes selfies
 

The breach of thousands of Discord users’ data appears to be worse than initially reported, as details of the age verification data lost to hackers are reported.

Zendesk is identified as Discord’s third-party customer support service provider by TheGamer.

The data is understood to have been breached from the company performing manual age verification for users appealing the facial age estimation decision provided by k-ID. Photos of government IDs were known to be among the stolen data. Now social media posts suggest facial photos and up to 2 million ID documents were included, and the hackers have claimed to have data from 5.5 million users, according to Bleeping Computer.

Storing ID documents and facial photos is not a regulatory requirement for any age assurance law enacted around the world, and thus a clear case of over-retention.

But Zendesk denies involvement and says it was not hacked. Discord pushed back on the reported size of the breach, and stated it is working with law enforcement and external security experts.

“Of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals,” Discord told TheGamer in a statement.

Xbox users in the UK who want to use the system’s social features, like the text and voice communications features it has in common with Discord, will have to perform age verification soon, it appears.

Microsoft originally announced in July that age verification was coming to comply with the Online Safety Act, and Pure Xbox reports that the latest Xbox Update Preview includes prompts for adult users in the UK to verify their ages.

The Tech Giant offers age assurance through biometric facial age estimation, which it has been working on for more than a decade.  Users also have the option to submit a government-issued ID document or carry out mobile provider or credit card checks, and Microsoft says all data is encrypted.

Hopefully Discord’s partner caught the last note.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

India scales farmer ID system for payments with KPMG support

The India office of influential accounting firm KPMG has explained how it supported the advancement of the country’s Digital Agriculture…

 

Digital ID systems fail migrants due to policy gaps, Caribou finds

A new report by research organization Caribou has warned that digital ID systems around the world have continued to deepen…

 

Hopae launches eIDAS 2.0, AMLR onboarding readiness tool

Hopae has launched a free self-assessment tool to help financial institutions offering customer onboarding and identity verification to evaluate their…

 

Certainty vs flexibility – does the UK need a Biometric Surveillance Act?

By Professor Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner Last week London became a city of two tales. Two…

 

TestMu AI releases testing tool for agent-produced code

TestMu AI (formerly LambdaTest) has launched Kane CLI, “a new browser automation tool that runs directly from the terminal,” and…

 

Travel biometrics making new connections

Airport biometrics projects and companies are breaking new ground and intersecting with other industry trends, from digital wallets to biometric…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events