Consumer Rights Wiki

Discord: Difference between revisions

← Older editNewer edit →
VisualWikitext
Kikismess (talk | contribs)
confirmed
3 edits
m typo
OrwellsJester (talk | contribs)
confirmed
22 edits
m Add citations for Arc Raiders SKD Vuln and discord
Line 120: Line 120:
===SDK vulnerability with Arc Raiders integration (March 2026)===
===SDK vulnerability with Arc Raiders integration (March 2026)===
In March 2026, Timothy Meadows, a computer engineer discovered a privacy and security vulnerability that involved Discord's [[wikipedia:Software_development_kit|software developer kit (SDK)]] and integrations with the [[wikipedia:Arc_Raiders|Arc Raiders]] game.<ref>{{Cite web |last=Meadows |first=Timothy |date=3 Mar 2026 |title=Arc Raiders - Discord SDK Data Exposure |url=https://timothymeadows.com/arc-raiders-discord-sdk-data-exposure/ |url-status=live |archive-url=https://archive.is/pktbu |archive-date=2026-03-06 |access-date=8 Mar 2026 |website=timothymeadows.com}}</ref> This vulnerability affected the users with their Discord account linked with the game, allowing the software to log and store locally Discord private conversations, user credentials and other user information in an unencrypted log file. If the Arc Raiders game crashes, this file could be sent to the game developers. Embark Studios disabled the SDK integration after the incident was announced. <ref>{{Cite web |last=Klotz |first=Aaron |date=Mar 2026 |title=Arc Raiders was accidentally recording Discord conversations into an unencrypted local game file — vulnerability in SDK could log messages and credentials in plaintext |url=https://www.tomshardware.com/video-games/pc-gaming/arc-raiders-was-accidentally-recording-discord-conversations-into-an-unencrypted-local-game-file-vulnerability-in-sdk-could-log-messages-and-credentials-in-plaintext |url-status=live |archive-url=https://archive.is/kWBIf |archive-date=2026-03-07 |access-date=8 Mar 2026 |website=Tom's Hardware}}</ref> <ref>{{Cite web |last=Marnell |first=Blair |date=6 Mar 2026 |title=Arc Raiders Was Recording Private Discord DMs |url=https://www.gamespot.com/articles/arc-raiders-was-recording-private-discord-dms/1100-6538629/|url-status=live |archive-url=https://archive.is/2ZQ1M |archive-date=2026-03-08 |access-date=8 Mar 2026 |website=Gamespot}}</ref>
In March 2026, Timothy Meadows, a computer engineer discovered a privacy and security vulnerability that involved Discord's [[wikipedia:Software_development_kit|software developer kit (SDK)]] and integrations with the [[wikipedia:Arc_Raiders|Arc Raiders]] game.<ref>{{Cite web |last=Meadows |first=Timothy |date=3 Mar 2026 |title=Arc Raiders - Discord SDK Data Exposure |url=https://timothymeadows.com/arc-raiders-discord-sdk-data-exposure/ |url-status=live |archive-url=https://archive.is/pktbu |archive-date=2026-03-06 |access-date=8 Mar 2026 |website=timothymeadows.com}}</ref> This vulnerability affected the users with their Discord account linked with the game, allowing the software to log and store locally Discord private conversations, user credentials and other user information in an unencrypted log file. If the Arc Raiders game crashes, this file could be sent to the game developers. Embark Studios disabled the SDK integration after the incident was announced. <ref>{{Cite web |last=Klotz |first=Aaron |date=Mar 2026 |title=Arc Raiders was accidentally recording Discord conversations into an unencrypted local game file — vulnerability in SDK could log messages and credentials in plaintext |url=https://www.tomshardware.com/video-games/pc-gaming/arc-raiders-was-accidentally-recording-discord-conversations-into-an-unencrypted-local-game-file-vulnerability-in-sdk-could-log-messages-and-credentials-in-plaintext |url-status=live |archive-url=https://archive.is/kWBIf |archive-date=2026-03-07 |access-date=8 Mar 2026 |website=Tom's Hardware}}</ref> <ref>{{Cite web |last=Marnell |first=Blair |date=6 Mar 2026 |title=Arc Raiders Was Recording Private Discord DMs |url=https://www.gamespot.com/articles/arc-raiders-was-recording-private-discord-dms/1100-6538629/|url-status=live |archive-url=https://archive.is/2ZQ1M |archive-date=2026-03-08 |access-date=8 Mar 2026 |website=Gamespot}}</ref>
Before the incident was known, when an user linked their Discord account, a pop-up claimed that Arc Raiders "cannot read users' messages". {{Citation needed}}
Before the incident was known, when an user linked their Discord account, a pop-up claimed that Arc Raiders "cannot read users' messages". <ref>{{Cite web |last=Makar |first=Connor |date=2026-03-05 |title=Embark Studios rushes to fix Arc Raiders Discord integration bug as "serious privacy and security violations" may have exposed private Discord DMs, friends data, more |url=https://www.eurogamer.net/arc-raiders-discord-messages-security-problem-fix-incoming |url-status=live |website=Eurogamer}}</ref><ref>{{Cite web |last=Parker |first=Lewis |date=2026-03-05 |title=Arc Raiders Rushes Out Emergency Fix After Its Discord Accidentally Spied On Players |url=https://kotaku.com/arc-raiders-hotfix-discord-integration-2000676444 |url-status=live |website=Kotaku}}</ref><ref>{{Cite web |last=Lowry |first=Brendan |date=2026-03-05 |title=ARC Raiders recorded private Discord DM messages between players in "serious privacy and security violations" — Embark promises that your data is safe |url=https://www.windowscentral.com/gaming/arc-raiders-recorded-private-discord-messages-between-players-in-serious-privacy-and-security-violations |url-status=live |website=Windows Central}}</ref>


===Discord banning users taking action against child predators (April 2025 - Present)===
===Discord banning users taking action against child predators (April 2025 - Present)===
Retrieved from "https://consumerrights.wiki/w/Discord"