Almost one million Discord users have had their account information—comprising usernames, IP addresses, and Discord IDs—leaked on a hacking forum.

Curiously, the breach did not take place directly through Discord, the popular messaging platform. Rather, the leak stemmed from a compromised third-party backup service known as RestoreCord.

The cybersecurity site **Leakd** was the first to disclose the occurrence. A file containing the exposed data was posted on the hacking forum BreachForums by a user identified as “Sythe.” The compromised information encompasses Discord IDs, usernames, and IP addresses.

RestoreCord is a service aimed at assisting Discord users in backing up their servers. Per its website, it asserts that it is “the only Discord Bot that you will ever need to protect and recover your server from raids, nukes, and more.” RestoreCord caters to 99 million users, including 100,000 subscriber clients, and supports backups for 55,000 Discord servers.

BreachForums, where the data was leaked, has a contentious history. The FBI took control of the forum in 2024 after it gained notoriety for hosting stolen information. Nonetheless, mere weeks following its shutdown, one of its domains reemerged. The forum’s founder, Conor Fitzpatrick, was apprehended in 2023 on charges tied to the site. Recently, Fitzpatrick was back in the news when a U.S. appeals court reversed the lenient sentence he had originally received.

Currently, it is uncertain how the data was accessed or if any harmful activity has arisen from the leak. Mashable has contacted RestoreCord for additional information and will offer updates as they become available.