FB pixel

Discord partner’s manual age verification data breach includes selfies

Age check prompts begin for UK Xbox users
| Chris Burt
Categories Age Assurance  |  Biometrics News
Discord partner’s manual age verification data breach includes selfies
 

The breach of thousands of Discord users’ data appears to be worse than initially reported, as details of the age verification data lost to hackers are reported.

Zendesk is identified as Discord’s third-party customer support service provider by TheGamer.

The data is understood to have been breached from the company performing manual age verification for users appealing the facial age estimation decision provided by k-ID. Photos of government IDs were known to be among the stolen data. Now social media posts suggest facial photos and up to 2 million ID documents were included, and the hackers have claimed to have data from 5.5 million users, according to Bleeping Computer.

Storing ID documents and facial photos is not a regulatory requirement for any age assurance law enacted around the world, and thus a clear case of over-retention.

But Zendesk denies involvement and says it was not hacked. Discord pushed back on the reported size of the breach, and stated it is working with law enforcement and external security experts.

“Of the accounts impacted globally, we have identified approximately 70,000 users that may have had government-ID photos exposed, which our vendor used to review age-related appeals,” Discord told TheGamer in a statement.

Xbox users in the UK who want to use the system’s social features, like the text and voice communications features it has in common with Discord, will have to perform age verification soon, it appears.

Microsoft originally announced in July that age verification was coming to comply with the Online Safety Act, and Pure Xbox reports that the latest Xbox Update Preview includes prompts for adult users in the UK to verify their ages.

The Tech Giant offers age assurance through biometric facial age estimation, which it has been working on for more than a decade.  Users also have the option to submit a government-issued ID document or carry out mobile provider or credit card checks, and Microsoft says all data is encrypted.

Hopefully Discord’s partner caught the last note.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Digital ID is a tool for fraud prevention, or a system of control: Michael Nash

The way digital identity is commonly presented – as a tool for protecting against fraud and other benign uses –…

 

Medicare beneficiaries get new online identity verification options

The U.S. Centers for Medicare & Medicaid Services (CMS) announced that is rolling out what it calls enhanced login options…

 

Biometric IDV helps secure enterprise identity workflow

Enterprises are facing rising threats from deepfakes and synthetic identities, from attackers posing as employees to fake job seekers. Companies…

 

Trulioo bolsters C-Suite with three senior hires to meet AI demand

Trulioo has appointed a new chief risk and strategy officer, chief transformation officer, and chief financial officer as the company…

 

STCon edges in among established facial recognition accuracy leaders in NIST 1:N

A handful of new facial recognition algorithms have been added to the NIST FRTE 1:N Identification this year, but most…

 

EC’s use case manual explains age verification with EUDI Wallet 

The European Commission has published an age verification Use Case Manual, showcasing how citizens will be able to prove they…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events