Did you know you can customize Google to filter out garbage? Take these steps for better search results, including adding my work at Lifehacker as a preferred source.On Friday, Oct. 3, Discord announced that a third-party service provider it uses for customer service efforts suffered a breach. It warned a "limited number of users" who had communications with certain Discord teams were affected, though the "unauthorized party" did not gain access to any Discord networks directly. In that initial announcement, Discord said a number of user data types might have been stolen. That included their names, usernames, email addresses, billing information, last four digits of credit cards, purchase histories, IP addresses, messages with Discord service agents, and "limited corporate data," such as training materials and internal presentations. While all of this information is sensitive, it unfortunately isn't surprising to see as part of a breach like this. However, Discord also revealed that the hackers may have also gained access to a "small number" of government ID images, including driver's licenses and passports. As it turns out, that "small number" turned out to be 70,000. Discord confirmed as much to The Verge on Wednesday. If you were among these affected users, Discord will have reached out to you via email.Age verification is a privacy nightmareWhy did a Discord affiliate even have these users' government IDs to begin with? Age verification. Like many other companies, Discord now restricts certain content to minors. If you are incorrectly identified as underage, you're allowed to appeal and prove that you are at least 18 years old. To do so, you need to take a photo of yourself holding either a photo ID with your date of birth, or a piece of paper with your full Discord username. Discord outsources this work to a third-party, which hackers targeted in this data breach.As 404 Media reports, hackers suggest they've taken even more data than Discord has acknowledged. That includes data on whether users were verified or not; users' home towns, states or counties, and countries; info on whether they had multi-factor authentication turned on for their account; and the last time they were online on Discord.This event demonstrates the risks of companies requiring users to verify their ages by uploading government IDs. Users in Texas must verify their ages before they can download apps on their phones, while a number of states require the same before accessing adult websites. No matter where you live, YouTube will use AI to guess your age, and, if it gets it wrong, you'll need to prove your age yourself. The goal is to protect children and underage users from accessing content they shouldn't be seeing, but by doing it this way, companies are putting users at risk: They're asking you to trust them with your government IDs, credit cards, even selfies; or, if not them, a third-party affiliate. As we can see with this case, a lapse in security means tens of thousands of Discord users who were just trying to prove their age now have exposed government IDs. What happens when an entire state's population faces the same? Or a whole country's?