Discord cuts ties with identity verification software, Persona

2026-02-24 11:59 · 447 points · 327 comments · fortune.com

Discord cut ties with its age-verification partner after exposed code fueled federal-reporting concerns, months after a breach hit 70,000 users.

Communication platform Discord is under fire after its identity verification software, Persona Identities, was found to have frontend code accessible on the open internet and on government servers. 

Nearly 2,500 accessible files were found sitting on a U.S. government-authorized endpoint, researchers pointed out on X. The files showed Persona conducted facial recognition checks against watchlists and screened users against lists of politically exposed persons.

In addition to verifying a user’s age, researchers found Persona performs 269 distinct verification checks, including screening for “adverse media” across 14 different categories such as terrorism and espionage. It then assigns risk and similarity scores to user information.

And the information was openly available. “We didn’t even have to write or perform a single exploit, the entire architecture was just on the doorstep,” wrote the researchers in their blog, adding they found 53 megabytes of data on a Federal Risk and Authorization Management Program (FedRAMP) government endpoint that also “tags reports with codenames from active intelligence programs.”

Discord has since announced it is cutting ties with Persona. Persona, whose backers include Palantir co-founder Peter Thiel’s venture firm Founders Fund, continues to provide age verification services for OpenAI, Lime, and Roblox.

Both Persona and Discord confirmed to Fortune their partnership lasted for less than a month and has since dissolved. According to Discord, only a small number of users were part of this test, in which any information submitted could be stored for up to seven days before it would be deleted.

Discord’s safety overhaul missteps

This isn’t the first time a third-party vendor has come under scrutiny for mishandling sensitive user information for Discord, which is popular among gamers, students, influencers, tech professionals and other communities.

Last year, hackers accessed the government IDs of more than 70,000 users who had complied with its age-verification requirements.

In a statement from Oct. 9, 2025, the company said the attack was “not a breach of Discord, but rather a breach of a third party service provider, 5CA.” Discord stated the breach affected only users who communicated with the company’s Customer Support or Trust and Safety teams.

“At Discord, protecting the privacy and security of our users is a top priority. That’s why it’s important to us that we’re transparent with them about events that impact their personal information,” the statement added. Affected users received an email if their government IDs, IP addresses, or limited billing and corporate data were leaked.

And earlier this month, Discord faced almost-immediate backlash after announcing it would default all accounts to teen-safety settings. Users seeking access to additional features would be required to verify their age using Persona.

“Rolling out teen-by-default settings globally builds on Discord’s existing safety architecture,” Discord’s Head of Product Policy Savannah Badalich said in the statement. The company “will continue working with safety experts, policymakers, and Discord users to support meaningful, long-term wellbeing.”

But after users quickly pointed out the October data hack, Discord amended the statement the following day to clarify that age verification would remain optional unless users wished to access age-restricted servers and channels. 

Discord said it could determine the ages of most users using the “information we already have.” Most users would not have to upload government IDs and instead could opt for video selfies.

“We offer multiple privacy-forward options through trusted partners,” the addendum stated, adding “facial scans never leave your device. Discord and our vendor partners never receive it.”

Any identifying documents uploaded to Discord would be submitted to the platform’s third-party vendors and deleted quickly. “In most cases, immediately after age confirmation,” read the statement. 

“IDs are used to get your age only and then deleted,” it continued. “Discord only receives your age — that’s it. Your identity is never associated with your account.”

However, a since-deleted version of Discord’s FAQ on age verification policies appears to contradict the company’s claims about how long government IDs are stored by the third-party vendor, in this case, Persona.

“Important: If you’re located in the UK, you may be part of an experiment where your information will be processed by an age-assurance vendor, Persona,” an archived version of the site reads. “The information you submit will be temporarily stored for up to 7 days, then deleted. For ID document verification, all details are blurred except your photo and date of birth, so only what’s truly needed for age verification is used.”

Persona gets personal

Persona CEO and cofounder Rick Song told Fortune that the files were not a vulnerability but publicly accessible frontend information. “What was found was uncompressed files of a front end that’s already on every single person’s device,” he said, adding that the same information is available in the company’s help center and API documentation. “I don’t think having uncompressed files online is good,” Song went on, but he characterized what the researcher found as the uncompressed form of the company’s compressed front end, recovered from a source map that was already online.

“I think this is one of these in which the contents of it seems scarier, but…internally, we didn’t consider this even a major vulnerability.”
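The mechanism Song describes, as an added example that is not Persona’s or the researcher’s code: a bundler’s source map maps a minified bundle back to its original files, and when the map embeds `sourcesContent`, anyone who fetches it gets the readable source without any exploit. The bundle, map, URL and file paths below are constructed for the demo; the two check functions are the ones a team would run over its own build output before deploying.

```javascript
// Added example, not Persona's or the researcher's code: how a published
// source map turns a minified bundle back into readable source, and the
// check a defender can run over their own build output before deploying.

// Constructed inputs: a tiny "minified" bundle plus the map a bundler would
// emit for it. The URL and file paths are hypothetical.
const BUNDLE_URL = "https://static.example.com/app.min.js";
const BUNDLE_TEXT =
  "function v(a){return a.dob<new Date()}\n" +
  "//# sourceMappingURL=app.min.js.map";

// A map that embeds the original source (sourcesContent): this is what leaks.
const FULL_MAP_JSON = JSON.stringify({
  version: 3,
  file: "app.min.js",
  sources: ["../src/checks/ageVerification.ts", "../src/vendors/rum.ts"],
  sourcesContent: [
    "// ageVerification.ts (constructed)\n" +
      "export function verify(a: Applicant) {\n  return a.dob < new Date();\n}\n",
    null, // second file had its content stripped
  ],
  names: [],
  mappings: "AAAA",
});

// The hardened form: the same map with sourcesContent omitted. It still
// reveals file paths, so if paths matter the map should not be published.
const STRIPPED_MAP_JSON = JSON.stringify({
  version: 3,
  file: "app.min.js",
  sources: ["../src/checks/ageVerification.ts", "../src/vendors/rum.ts"],
  names: [],
  mappings: "AAAA",
});

// Locate the sourceMappingURL comment a bundle ends with and resolve it
// against the bundle's own URL, as a browser's devtools would.
function findSourceMapUrl(bundleText, bundleUrl) {
  const m = /\/[/*]#\s*sourceMappingURL=(\S+?)\s*(?:\*\/)?\s*$/m.exec(bundleText);
  return m ? new URL(m[1], bundleUrl).href : null;
}

// Classify what a map exposes: original paths only, or full original source.
function assessSourceMap(mapJson) {
  const map = JSON.parse(mapJson);
  const sources = map.sources || [];
  const contents = map.sourcesContent || [];
  const embedded = sources.filter((_, i) => typeof contents[i] === "string");
  return {
    fileCount: sources.length,
    paths: sources,
    embeddedSourceCount: embedded.length,
    leaksOriginalSource: embedded.length > 0,
  };
}

// Recover the original text for every entry that carries sourcesContent.
// This is all an outside reader needs to do; no exploit is involved.
function recoverSources(mapJson) {
  const map = JSON.parse(mapJson);
  const out = {};
  (map.sources || []).forEach((path, i) => {
    const content = map.sourcesContent && map.sourcesContent[i];
    if (typeof content === "string") out[path] = content;
  });
  return out;
}

// Stand-alone run: report what the constructed bundle would expose.
if (typeof require !== "undefined" && require.main === module) {
  console.log("map URL:", findSourceMapUrl(BUNDLE_TEXT, BUNDLE_URL));
  console.log("full map:", assessSourceMap(FULL_MAP_JSON));
  console.log("stripped map:", assessSourceMap(STRIPPED_MAP_JSON));
  console.log(recoverSources(FULL_MAP_JSON));
}
```

Run against a real deployment, `findSourceMapUrl` would be applied to each served bundle and `assessSourceMap` to whatever the resolved `.map` URL returns; a `leaksOriginalSource` of true means the uncompressed source is one HTTP request away. Most bundlers can omit `sourcesContent` or emit a hidden map that carries no `sourceMappingURL` comment, which keeps stack-trace symbolication working internally without serving the map to the public.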

Song still considers the partnership between Persona and Discord to be a success. “I think the performance of the product did incredibly well,” the CEO told Fortune. “The reason why we were able to say that all data was redacted immediately is because the data was redacted; it had already been redacted upon processing. It’s not like it was due to the termination of the contract that we delete the data. It’s deleted immediately after a verification of the individual.”

Song denied any ties to Palantir, ICE or the government, but said the company is going through FedRAMP authorization. “We are trying to get FedRAMP and the goal of that is we do a lot of work for workforce security,” he said. Workforce identity verification, which confirms that an employee is who they say they are, relies on a different set of information than a social media user verifying their age.

As for the 269 kinds of verification checks, Song said these are all options Persona offers, but a given client would not necessarily need all of them. The needs of a social media platform verifying ages are not the same as those of an employer conducting a background check.

Over the weekend, Song denied that Persona—which also offers Know Your Customer (KYC) and Anti-Money Laundering (AML) solutions—links facial biometrics to financial records or law enforcement databases. Song posted screenshots of an email exchange with the researcher “Celeste” on X, stating the researcher’s implication of some connection between Persona, Palantir and ICE has led to threats against members of the company.

“We have no relationship whatsoever with ICE, Palantir,” Song’s screenshot of the email exchange read. The CEO added that some of the members of the company who have received backlash are new grads or people who have recently signed on. “I don’t think these people are the ones that the public’s ire should be directed at, and if anyone, it should be directed at me.”

Song was also attacked for his lack of personally identifiable information online. A user on X posted a screenshot of the CEO’s LinkedIn profile showing Song with a verified badge but lacking a profile photo. Persona handles LinkedIn’s identity verification requests.

In response, Song wrote, “I am verified. That’s the entire point. It’s dystopian that we want people to facedox themselves to everyone to be real online. It’s ironic that folks posting about privacy want me to facedox to everyone.”



Comments

  • By bri3d 2026-02-24 14:36 · 8 replies

    The referenced write-up based on the Persona front end code is here:

    https://vmfunc.re/blog/persona

    I definitely recommend reading this primary source before drawing conclusions about the code as most of the secondary reporting is quite low quality.

    • By cloverich 2026-02-24 17:31 · 3 replies

      Note also there's a direct response from Persona's security team here[1], and a lot of back and forth from Rick on Twitter[2].

      [1]: https://withpersona.com/blog/post-incident-review-source-map...

      [2]: https://x.com/Persona_IDV/status/2025048195773198385?s=20

      • By nailer 2026-02-24 19:47 · 1 reply

        > About the name: The subdomain was called onyx, a reference to the Pokémon Onix (a Pokémon made of multiple boulders, fitting for a multi-node architecture). It was an informal codename chosen by the engineer. It had no connection whatsoever to Fivecast ONYX, an unrelated 3rd party commercial product previously used by ICE. We understand this coincidence caused confusion, and we address it further below.

        • By UqWBcuFx6NV4r 2026-02-24 23:51 · 2 replies

          The fact that this is even being discussed is truly a bad smell of bad-faith “dig up anything that sounds bad” “reporting”

          • By tharkun__ 2026-02-25 1:10

            Yeah I'd sorta second that actually. I can't "judge" on everything they say in the blog post. But some things I definitely recognize as "bad-faith".

                Datadog RUM (browser-intake-datadoghq.com) - real-time user monitoring. every click, every page load - on a FedRAMP platform processing PII and biometrics.
            
            Well duh, yes, DataDog does have those capabilities. Doesn't mean you use all of it, just coz you use RUM in general. We also use DataDog and RUM. But we also use filtering, including filtering out the known PII sources we have in our specific case (non-FedRAMP) and we don't have entire session recording enabled for example and we only sample.

            Yet no mention of that in the post. They just assume that they must be sending PII from a FedRAMP site to DataDog. No proof of what data actually does get sent.
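The filtering tharkun__ describes, as an added example that is not the commenter’s, Persona’s or Datadog’s code: a RUM setup that samples sessions, turns session replay off, masks the DOM by default, and runs a `beforeSend` hook that scrubs identifiers from URLs and drops all events from document and selfie capture screens before anything leaves the browser. The option names match Datadog’s browser SDK; the sensitive keys, path patterns, service name and event shapes are assumptions for the demo.

```javascript
// Added example, not the commenter's, Persona's or Datadog's code: the
// kind of filtering a RUM deployment needs before it is safe on a page that
// handles identity documents. Option names follow Datadog's browser SDK;
// the sensitive keys, paths and event shapes below are assumptions.

// Query-string keys and path patterns treated as sensitive (assumed set).
const SENSITIVE_KEYS = new Set(["email", "token", "dob", "inquiry_id", "ssn"]);
const NO_TELEMETRY_PATHS = [
  /^\/verify\/[^/]+\/document/, // document upload screen
  /^\/verify\/[^/]+\/selfie/,   // selfie capture screen
];

function pathnameOf(raw) {
  try { return new URL(raw).pathname; } catch { return ""; }
}

// Rewrite a URL so it carries no identifier: redact sensitive query values,
// collapse long hex/uuid-like path segments (per-user inquiry ids), drop
// the fragment (OAuth implicit flows put tokens there).
function scrubUrl(raw) {
  let url;
  try { url = new URL(raw); } catch { return "[invalid-url]"; }
  for (const key of [...url.searchParams.keys()]) {
    if (SENSITIVE_KEYS.has(key.toLowerCase())) url.searchParams.set(key, "REDACTED");
  }
  url.pathname = url.pathname.replace(/\/[0-9a-f-]{16,}(?=\/|$)/gi, "/:id");
  url.hash = "";
  return url.href;
}

// beforeSend runs on every RUM event before it is sent. Returning false
// drops the event; mutating it in place changes what is sent.
function beforeSend(event) {
  const viewUrl = event.view && event.view.url;
  if (viewUrl && NO_TELEMETRY_PATHS.some((re) => re.test(pathnameOf(viewUrl)))) {
    return false; // nothing at all from document or selfie capture screens
  }
  if (viewUrl) event.view.url = scrubUrl(viewUrl);
  if (event.type === "resource" && event.resource && event.resource.url) {
    event.resource.url = scrubUrl(event.resource.url);
  }
  if (event.type === "action" && event.action && event.action.target) {
    // action names are derived from DOM text; never ship them verbatim
    event.action.target.name = "[masked]";
  }
  if (event.context) {
    for (const k of Object.keys(event.context)) {
      if (SENSITIVE_KEYS.has(k.toLowerCase())) delete event.context[k];
    }
  }
  return true;
}

// The options object that would be passed to datadogRum.init(). Kept as a
// plain object so this file runs without the SDK; ids are placeholders.
const rumConfig = {
  applicationId: "<application-id>",
  clientToken: "<client-token>",
  site: "datadoghq.com",
  service: "idv-frontend",
  sessionSampleRate: 10,        // 10% of sessions send RUM at all
  sessionReplaySampleRate: 0,   // no session recording
  defaultPrivacyLevel: "mask",  // mask all text and inputs if replay is ever on
  trackUserInteractions: true,
  trackResources: true,
  beforeSend,
};

// The check a reviewer would apply to any RUM config on a PII-handling page.
function configIsSafe(cfg) {
  return cfg.sessionReplaySampleRate === 0 &&
    cfg.defaultPrivacyLevel === "mask" &&
    typeof cfg.beforeSend === "function";
}
```

The point of `beforeSend` is that it is the last hook before the network: a URL that contains an inquiry id or a token in its query string is otherwise shipped as the event’s `view.url`, and action events carry names derived from page text. Whether a given deployment does any of this is exactly what cannot be read from the presence of the SDK alone.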

          • By sghitbyabazooka 2026-02-25 5:48

            people turn a blind eye because it's what they want to hear. so do i, despite not being a fan of the author's past works and way of life

      • By dvfjsdhgfv 2026-02-24 20:42 · 1 reply

        Twitter requires login to view the replies, might use an alternative:

        https://nitter.net/Persona_IDV/status/2025048195773198385

        • By tetromino_ 2026-02-24 23:56

          It doesn't appear that any of the replies contain anything of substance

    • By bondarchuk 2026-02-24 14:58

      Submitted 6 days ago but flagged https://news.ycombinator.com/item?id=47059129

      @dang can this get a second chance?

    • By nebezb 2026-02-24 17:27 · 2 replies

      I read it and, maybe it’s because I’ve spent too much time in fintech, I don’t share most of the concerns.

      The difference in proclaimed data retention periods is concerning, though. The rest is par for the course for KYC/AML.

      • By bri3d 2026-02-24 22:42

        I agree; I didn't want to editorialize too much as I think the writeup stands on its own.

        My takeaway was that in this case, even an author with a clear and extreme bias against this sort of thing could find only unfortunately-common bad practices rather than deeply nefarious intent. Of course, this is just the front-end code, but this just looks like a KYC platform to me. Most of the secondary reports on this write-up seem to completely ignore section 0x13 and jump to the specific conclusions the author does not draw.

        The fact that we've created a system where Discord needs and wants a KYC platform is a different and quite strange thing, but the KYC platform itself just looks like what it says on the tin.

      • By boppo1 2026-02-24 19:44 · 1 reply

        Tell me more before I doom about this too much.

        • By nebezb 2026-02-26 15:43

          Any time you interact with the financial services industry in a meaningful way, they are doing almost exactly all of these checks on you. It is mandated by law, and they're overseen by FINTRAC in Canada and FinCEN in US.

          When you applied for a bank account for your freelancing business (or startup idea), some people googled you, looked for PEPs (politically exposed persons) in your family, stored photos of your IDs and probably even printed them off, and sent everything in a nice package to some "risk" department. Who knows how that department is handling your data.

          The only difference is that Persona is trying to put a front-end on it and selling the process as a SaaS. Look up "KYC/KYB saas" and you'll find hundreds of businesses doing this (including, of course, Persona).

          edit: I want to emphasize that this isn't restricted to just business banking. Poor wording on my part. Lots of industries are legally mandated to conduct KYC/IDV. Notaries do it in home sales, your stock brokerage is doing it, employers in regulated industries do it to everyone on payroll. The list is very long. Unfortunately...

          The government should take on responsibility for KYC imo, instead of letting 100 vendors come up with their own solutions. But that would probably have some nasty externalities.

    • By dgxyz 2026-02-24 15:38 · 1 reply

      Good article but the web site gave me eye and ear cancer.

      Please make it actually readable and don't steal my audio!

      • By BoredPositron 2026-02-24 15:57 · 2 replies

        [flagged]

        • By righthand 2026-02-24 16:19 · 1 reply

          There is more than “unique web design” that causes reading issues with that article. For one, the lowercase, as well as the arcane keywords and organization. Not to mention the autoplay music. I have communicated this to the author and they shrugged it off.

          • By BoredPositron 2026-02-24 16:21 · 2 replies

            >> Please don't complain about tangential annoyances—e.g. article or website formats, name collisions, or back-button breakage. They're too common to be interesting.

            • By righthand 2026-02-24 16:26

              Yes, most of us have read the rule. And I wasn't complaining in my comment; I was directing the author as to why their submission was getting complaints and flagged.

              Stomping your feet that it doesn’t matter when people are telling you your article is slightly unreadable really doesn’t make you or your article worthwhile to invest time in. No matter how good it is.

              Have a quirky website fine, but if you have important information you want to be taken seriously for, maybe consolidate that information into a more accessible format. Otherwise people will tell you AND do otherwise.

            • By dgxyz 2026-02-24 16:30

              It's all of those, many more and does the content injustice.

              Not talking about the bad things does no one any good.

        • By dgxyz 2026-02-24 16:09 · 1 reply

          Reading mode doesn't work on Safari for me... I get a paragraph and sod all else.

          So respectfully, do not make assumptions. And if you want someone to read the content, don't surround it with shite.

          • By BoredPositron 2026-02-24 16:16 · 1 reply

            [flagged]

            • By dgxyz 2026-02-24 16:24

              I didn't flag it. I wouldn't unless the content was problematic, which it is not!

    • By cloverich 2026-02-25 5:00

      And his follow up here: https://vmfunc.re/blog/persona-2

    • By vincnetas 2026-02-24 15:08 · 2 replies

      damn. why did the website steal my audio?

      • By pavel_lishin 2026-02-24 15:20 · 1 reply

        Some of the most interesting authors in tech on the internet have just absolute awful websites. Blinking animations everywhere, weird sounds, "cute" little javascript animations like it's 1999 again.

        • By john_strinlai 2026-02-24 15:27 · 2 replies

          the last time the website was submitted, over half the comments talked about website design instead of the actual content. we can probably skip doing it again.

          different people have different tastes. people complain about boring websites, people complain about websites with animations or colors. the only guarantee is that the conversation isn't interesting.

          if you are on the side that doesn't like music, animations, whatever, i recommend a combination of noscript and using reader mode.

          • By Larrikin 2026-02-24 16:04 · 1 reply

            The layout and design is a matter of taste. I actually find websites like OP refreshing to see.

            Blasting music or sound on auto play when you aren't directly navigating to audio or video content is just rude.

            It's the same as playing your speaker on the subway.

            • By rezonant 2026-02-24 20:34 · 1 reply

              This is my problem with it. Put in a mute button if you're going to do this, otherwise it's just user hostile. No problem with stylized websites and fun animations.

              • By bayindirh 2026-02-25 8:20 · 1 reply

                You can mute tabs in browsers for the last 10 years or so, no?

                • By rezonant 2026-02-25 10:04 · 1 reply

                  Not as easily on mobile, and audio playback on mobile also pauses other audio sources as well.

          • By rezonant 2026-02-24 20:32 · 1 reply

            Why not use your main account to post this, unless you mean it was submitted less than 4 days ago when your account was created? Genuinely curious what benefit a fresh account gives you here?

            • By john_strinlai 2026-02-24 20:40 · 2 replies

              >unless you mean it was submitted less than 4 days ago

              maybe you are unaware, but you can browse HN without an account, and you can browse previous submissions (years back, even!). it's not like i can only see posts made in the last 4 days.

              second, i saw the original post because it was posted in this very comment chain we are on, 5 hours ago, by bondarchuk (https://news.ycombinator.com/item?id=47137961).

              my turn! what is your comment trying to accomplish by cross-examining me about something completely unrelated? what point are you trying to make?

              if you think my comment is wrong, you should talk about the contents of the comment, not the age of my account.

              • By Larrikin 2026-02-24 21:20 · 1 reply

                >not the age of my account.

                Sounds like you're practicing creating AI bots and have modeled the personality after the other rogue ones.

                • By john_strinlai 2026-02-24 21:42 · 1 reply

                  amazing comment from a 13 year old account. really embodying the spirit of the HN guidelines. thanks for the warm welcome.

                  so, what exactly, are you basing your accusation on?

                  was it me saying "use noscript and reader mode" or maybe "people have different opinions"? or just by nature of having created an account after you created yours?

                  this sort of accusation is what will drive HN to be a shit community to participate in. just accuse anyone you slightly disagree with as being a bot/ai

                  i'm not even sure what your issue, or rezonant's issue, with me even is! all i said was different people have different opinions, and you two are crawling up my ass about it. let's hope we never have to talk to each other about anything slightly important.

              • By rezonant 2026-02-25 7:32 · 1 reply

                You seem like a very nice person. I'm sure you're great at parties.

                • By john_strinlai 2026-02-25 13:51

                  very cool insult, i am in absolute shambles.

                  but, uh, why are you insulting me? is this an example of "interacting in good faith" that you told me i should be doing?

                  it would be great if dang or tomhow could chime in on this, and let me know if your comment here is a good example for me to follow!

      • By fuddle 2026-02-24 17:35 · 1 reply

        Yeah, come on! I'm trying to watch a video and read the article!

        • By vincnetas 2026-02-24 19:25

          yeah no. i was listening to background music of my choice while browsing the internet.

    • By tofuahdude 2026-02-24 17:28 · 1 reply

      That was a great read, very interesting!

  • By shevy-java 2026-02-24 17:04 · 4 replies

    I am not convinced.

    Teter Piel (don't want to use the other name) kind of purchased a LOT of influence power via lobbyists. One lobbyist is Sebastian Lurz (also not going to use the real name here; the letter "l" is an in-country humourous take on Lüssel, Lasser and so forth - ex-politicians). The superrich buy influence and worsen the situation for the rest of us. This has to stop. The USA is currently under direct control of them - this also has to stop. I do not buy into Discord's attempt here though - they 100% knew what they were doing. The only reason they respond in this way is because they alienated and scared their user base with their idea to sniff-invade everyone. It was never about protecting kids in the first place - it was to spy.

    • By rogerrogerr 2026-02-24 17:15 · 4 replies

      This refusal to use people’s names comes across as childish and distracts from your intended point.

      • By ibejoeb 2026-02-24 17:56

        And it diminishes search accuracy. You can publish a reasonable criticism, but if people don't see it, you're not changing minds.

      • By amingilani 2026-02-24 17:24 · 3 replies

        To me it feels pragmatic.

        I find it more concerning that mass surveillance has come to the point where someone can’t safely express their frankly-not-that-controversial opinions without obfuscating the subject’s name.

        • By rogerrogerr 2026-02-24 17:26 · 2 replies

          So you think that the state has massive surveillance systems (definitely) that it is willing to use maliciously (maybe), but in the age of LLMs is fooled by swapping some letters around? Seems like the threat model is unlikely to line up with reality.

          • By distortionfield 2026-02-24 17:30 · 4 replies

            It’s not a “maybe”. This administration was collecting lists of people who spoke negatively about ICE from social media like a week ago. you really think they’re going to send them gift baskets or something?

            • By john_strinlai 2026-02-24 17:34 · 2 replies

              the point rogerrogerr is making is that a government is not going to be tripped up by "teter piel", just like you weren't.

              • By nozzlegear 2026-02-24 18:29 · 1 reply

                SOTA LLMs couldn't even correctly answer whether a person should drive a car to the car wash or walk there themselves just a week ago, so it's plausible the government's tech might be tripped up here. Costs nothing to try it, at least!

                • By john_strinlai 2026-02-24 18:36 · 1 reply

                  this isnt particularly against you, knowing your comment is mostly in jest, but: not everything needs to be, or should be, thought about in an "llm-first" way.

                  a simple regex will surface all of the "obfuscated" comments, which can then be sent to some intern analyst to read.

            • By Freedom2 2026-02-24 20:28 · 2 replies

              > This administration was collecting lists of people who spoke negatively about ICE from social media like a week ago.

              Source for this? This goes against many values of the US, so I'm surprised to see this statement thrown out so nonchalantly.

            • By rurp 2026-02-24 17:56

              You think Teter Piel is going to fool Palantir spyware?

          • By amingilani 2026-02-24 21:20

            I didn’t say it was state sponsored mass surveillance, nor did I say the method of obfuscation was good.

            Just that it’s a pragmatic approach (no matter how flawed in practice) and concerning that it needs to be done.

        • By mikestorrent 2026-02-24 21:10

          I'm happy to name Peter Thiel in a comment here. What's he going to do, come and drip forehead sweat at me?

        • By edgyquant 2026-02-24 17:54 · 1 reply

          It hasn’t come to that though, you can freely express that persons point with no repercussions outside of maybe not getting a check one day from the person you hate

          • By nozzlegear 2026-02-24 18:46 · 1 reply

            Beyond just the concept of thought crime, one of the themes in Orwell's 1984 was that the government could arbitrarily decide that a thing you've done could be punished at any time. You didn't need to break a law to be punished by Big Brother, you just had to be a thorn in its side. In our world, the government/Palantir/ICE collecting the identities of people who criticize them is the kind of infrastructure that makes that arbitrary punishment from 1984 possible.

            • By convolvatron 2026-02-24 20:26

              its important to point out that its not about being a thorn in the government's side. you just have to not submit fully. in fact, even if everyone did submit completely, a fair number of people would still need to be rounded up and tortured just to keep the fear alive.

      • By gib444 2026-02-24 18:03 · 1 reply

        It's a useful deterrent against defenders (actual or bots) coming and drowning people out

        • By trinsic2 2026-02-24 20:51 · 1 reply

          That is a good idea. Yeah, I often wonder if people that actually are not a part of this community just troll by searches.

          • By gib444 2026-02-24 21:20

            I'm sure there are whole companies that do that kind of "reputation management". Modern tech savvy PR firms etc

            I personally experienced it when criticising (turns out quite rightly) the HS2 rail project. The difference in replies on Reddit whether I wrote HS2 or eg |-|S2 or H/S/2 was stark

    • By PUSH_AX 2026-02-24 18:32 · 1 reply

      What is he? Voldemort?

      • By vultour 2026-02-24 21:07

        Considering the things he is directly responsible for, he might as well be.

    • By thefz 2026-02-25 5:53

      The problem with Discord is their upcoming IPO, and reconciling the fact that their only valuable asset is their userbase - and their billions of messages - with a way to sell this asset and make it valuable to the investors in some way.

    • By cratermoon 2026-02-24 17:33

      Remember the good ol' days of the last century when we worried about Big Government spying on us?

  • By mentalgear 2026-02-24 15:08 · 1 reply

    Every day someone cuts ties with Palantir's Peter Thiel (or the rest of the digital mafia), it's a good day for society as a whole.

    • By Devasta 2026-02-24 15:51 · 1 reply

      They really should be a proscribed organization.

      • By throawayonthe 2026-02-25 11:28

        afaik the term "proscribed organization" is used nigh-exclusively in the imperial core, so i'm not sure how that applies here

HackerNews