HeadlinesBriefing favicon HeadlinesBriefing.com

Discord Hacked Teen Exposes Age‑Verification Shortfalls

Ars Technica •
×

Discord’s newest crisis erupted when a 13‑year‑old user was hacked after lying about her age. The attacker, exploiting a missing two‑factor authentication, locked the account and targeted dozens of classmates. Parents and regulators now question how the platform manages age verification and protects minors online.

Inside Discord’s systems, data dumps revealed the account’s age_group field set to ’13–17,’ confirming the company was aware of the teen’s true age before the breach. Yet the platform kept the user’s status at 18+, denying parents a way to enforce age‑appropriate controls or two‑factor protection and continuous monitoring for future security updates and alerts.

When the hacker demanded parents’ banking details, the father’s frustration grew. Discord’s support bot Clyde and human agent Nelly repeatedly closed tickets, insisting users report issues inside the app—a path inaccessible to a locked account. After four weeks and third‑party intervention, the account was finally restored under a new age‑verification process to ensure safety today.

The incident exposes gaps in Discord’s age‑verification logic and its reliance on automated support that can overlook minors’ crises. With 38 friends exposed to a social‑engineering scam, the platform must overhaul its reporting tools and enforce 2FA for all users. Until then, families face a fragile safety net on a popular chat app today.