Pomelo massban incident: Difference between revisions

From Discord Client Modding Wiki
Jump to navigation Jump to search
m (Sqaaakoi moved page Main Page/Pomelo massban incident to Pomelo massban incident: this probably shouldn't be under main page)
(add pomelo incident)
Line 1: Line 1:
bad things happened
== Incident ==
TBW
On Tuesday, 9 May 2023, a number of Discord users were simultaneously banned. Users who were banned lost access to their accounts and were unable to log back in. Shortly after the incident, a [https://www.reddit.com/r/discordapp/comments/13d01h7/anyone_elses_account_randomly_disabled/ reddit post] was created on the r/discord subreddit. Discord staff u/coral-discord informed people that they were investigating the situation and asked affected users for their usernames. Within hours, the issue was resolved and affected users were able to log back into their accounts after resetting their passwords.
 
== Reason ==
Although the original reason is now known, people from the community started theorising about it in relation to Discord's new username change (pomelo). This change removed discriminators from usernames, making it impossible to have the same username as any other user. And as the feature was slowly being rolled out to users, some users wanted to check if their username had been taken. To do this, users would need to make an HTTP request to the Discord Pomelo endpoint.
 
The reason of this banning wave is believed to be users manually sending an http request to the pomelo endpoint with missing headers.

Revision as of 14:13, 8 August 2024

Incident

On Tuesday, 9 May 2023, a number of Discord users were simultaneously banned. Users who were banned lost access to their accounts and were unable to log back in. Shortly after the incident, a reddit post was created on the r/discord subreddit. Discord staff u/coral-discord informed people that they were investigating the situation and asked affected users for their usernames. Within hours, the issue was resolved and affected users were able to log back into their accounts after resetting their passwords.

Reason

Although the original reason is now known, people from the community started theorising about it in relation to Discord's new username change (pomelo). This change removed discriminators from usernames, making it impossible to have the same username as any other user. And as the feature was slowly being rolled out to users, some users wanted to check if their username had been taken. To do this, users would need to make an HTTP request to the Discord Pomelo endpoint.

The reason of this banning wave is believed to be users manually sending an http request to the pomelo endpoint with missing headers.