A critical oversight in the production build of Embark Studios’ extraction shooter, Arc Raiders, inadvertently turned local player machines into surveillance logs for their own Discord accounts. According to security research findings, a vulnerability within the game’s integration of the Discord Game SDK caused private Direct Messages (DMs) and sensitive authentication credentials to be written in plaintext to unencrypted local storage. The issue, which stemmed from a development configuration left active in the live game, has since been patched.
The vulnerability was identified by distributed systems engineer Timothy D. Meadows, known in the security community as ‘birdgineer.’ Meadows discovered that the game was capturing ‘all events’ passing through the Discord gateway. This essentially meant that while a player was enjoying the premium title, the software was quietly transcribing their private communications and digital keys to a log file on their hard drive. Embark Studios deployed a hotfix around March 5-6, 2026, to disable the excessive logging, but the incident highlights a significant lapse in release configuration management.
How did Arc Raiders accidentally log private Discord messages?
The technical root of this exposure lies in the configuration of the Discord Game SDK (Software Development Kit). Developers use this SDK to integrate features like rich presence and game invites. Under normal development circumstances, engineers often use a setting known as LogLevel.Debug to track errors and ensure the integration is working correctly. This mode records a high volume of data regarding the application’s interaction with Discord’s servers.
However, best practices dictate that this logging level must be disabled or set to a less verbose level, such as ‘Error’ or ‘Warning,’ before a software build is shipped to the public. In the case of Arc Raiders, the LogLevel.Debug switch was left enabled in the production version. Consequently, the game engine dutifully recorded every piece of data transmitted through the Discord gateway. This included the content of private messages sent and received by the user while the game was running, storing them in a readable format on the user’s own computer.
What is the security risk of exposed Bearer tokens?
While the logging of private chat messages is a severe privacy violation, the exposure of Discord Bearer authentication tokens presents a more immediate security threat. A Bearer token functions effectively as a digital key; it allows a client to authenticate requests on behalf of a user. In the context of Discord, possessing a valid Bearer token is functionally equivalent to having a user’s username and password.
Timothy Meadows noted that the logs contained these tokens in plaintext. If a malicious actor were to obtain this log file—perhaps through malware designed to scrape local game directories or via a manually shared crash report—they could potentially gain full access to the victim’s Discord account without needing to bypass two-factor authentication. Meadows described the findings as representing "serious privacy and security violations" affecting all players utilizing the integration.
How has Embark Studios responded to the privacy leak?
Following the disclosure of the vulnerability, Embark Studios acted to patch the client. The studio released a hotfix in early March 2026 that disabled the debug logging, preventing further data from being written to disk. In a statement regarding the incident, Ossen, a Community Manager at Embark, emphasized the local nature of the data breach.
"Rest assured that your private and/or personal data was not sent outside your machine and Embark has not (and will not) review or keep such information," the statement read. The studio clarified that the logs were not automatically transmitted to their central servers. However, they acknowledged a specific vector for external exposure: if a player had experienced a game crash and manually submitted the resulting crash report to the developers, that report might have included the sensitive log files containing the credentials and message history.
Looking Ahead
This incident serves as a stark reminder that third-party SDK integrations are often the weakest link in game security, particularly when development tools bleed into production environments. While Embark’s rapid hotfix mitigated immediate damage, the presence of such a fundamental configuration error in a premium title released months prior suggests a gap in the final build verification process. For the broader industry, this underscores the necessity of automated checks for debug flags in production pipelines, as relying on manual oversight is evidently insufficient. Ultimately, while no mass exploitation was confirmed, the "it was only local" defense is becoming increasingly fragile in an era where information-stealing malware specifically targets these types of unencrypted local logs.
![Illustration related to Arc Raiders Discord Vulnerability: How DMs Leaked [Report]](https://bytewire.press/wp-content/uploads/bytewire-images/2026/03/arc-raiders-discord-vulnerability-leak-a1008ce869.webp)
![Diagram related to Arc Raiders Discord Vulnerability: How DMs Leaked [Report]](https://bytewire.press/wp-content/uploads/bytewire-images/2026/03/arc-raiders-discord-vulnerability-leak-c2fdaf8b38.webp)
