A new Discord-focused scraping tool claims to index billions of user messages, voice chats, and files for sale on a popular leak forum.
A data-scraping service operating out of Estonia has advertised access to 1.8 billion Discord messages collected from 35 million users. The service, posted on a well-known data leak forum, claims to offer not only messages, but also 207 million voice sessions, 6,000 Discord servers, and user profiles. Data is reportedly stored on servers in Russia to sidestep EU privacy laws.
The scraping service is being compared to the now-defunct Spy.Pet, which Discord shut down in 2024 for similar violations. Like its predecessor, this new platform appears to be aimed at enabling user surveillance and potential harassment.
According to Cybernews researchers, the scraping service appears to provide live updates to its data, though they could not confirm whether the records include content from private servers. In addition to reading data, users are offered options to pay for its removal either retroactively or to preempt future inclusion.
This mirrors tactics used by Spy.Pet, which bundled Discord data with information from linked services like Steam. That service was removed by Discord last year, and related bot accounts were banned.
The new scraper also claims to gather usernames from FiveM servers, a popular modding platform for Grand Theft Auto V, further expanding its dataset.
Cybernews analysts note that the service markets itself as a tool for researching or harassing users. It functions by aggregating publicly accessible data at scale, allowing individuals to search across massive message archives that would otherwise be difficult to collect manually. The creators’ decision to store data in Russia likely reflects a strategy to evade EU enforcement under GDPR. Discord has yet to comment, and the scale is currently unclear.
Not directly through Discord. Some scraping services, like the one in this case, offer paid options to remove your data or block future collection. However, this puts the burden on users rather than the platform.
Storing data in Russia may help the service avoid GDPR enforcement, as the EU has limited jurisdiction over Russian-hosted data and strained legal cooperation with the country.
Keep privacy settings strict, avoid joining public servers, limit linked account visibility, and refrain from sharing personal data in any Discord channel, public or private.
While scraping public data isn’t always illegal, using it for harassment, identity theft, or failing to comply with regulations like GDPR (e.g., “right to be forgotten”) can lead to legal consequences.
This case shows a growing need for proactive platform-level defenses like bot detection and user notification systems to address scraping before it escalates into broader harm.