"Hacked: A Friendly Heads-Up & Cautionary Tale to My Fellow Community Server Administrators"


#PokemonGO:

Background: I am one of eight administrators for a local Discord server with ~1300 members. We've been in operation since June 2017 - and today, we got hacked. The information I'm sharing is intended to help other community server owners take the necessary precautions to avoid the same type of breach.

What Happened: I don't deal with the technical side of our server, but what I can competently tell you is that around 1146 EDT one of our third party bots created an infinite use, non-expiring invite code. At 1207 EDT, the chaos began. Within seconds, the same bot had banned 19 of our members, seemingly at random. It also completely wiped our 63 user channels.

1208 EDT: The treacherous bot began creating junk channels and filling them with spam messages and @everyone tags - meanwhile, it also continued to intermittently ban users.

1209 EDT: I banned the offending bot and a user account that had joined using the invite code it had created, and the activity ceased.

1219 EDT: I finished deleting ~40 spam channels and all of their contents, and began recreating our server channels.

1334 EDT: I finished recreating the bulk of our user channels and re-establishing permissions.

1548 EDT: I finished recreating most of the static text content (server rules, welcome info, etc.) that was lost. Myself and two other administrators finished assigning new channel permissions and restored order to the server (for the most part). We do not have any redundancies in place for the countless text posts, photos, informational cross-posts, and memories that were lost as a result - but as of 1600 EDT we are up and running, and able to begin anew.

**TLDR/Takeaways**

1) If possible, create redundancies. You may be a small community group, but you've put your time, effort, blood, sweat, and tears into creating your group - to have it all disappear in 120-180 seconds is a punch to the gut.

2) If you use third-party bots, be sure to review the scripting for that bot in full, carefully apply security permissions, and, if possible, host the bot on your own server so that backend changes can't be made to the script without your knowing.

3) Response time is key - the damage could have been exponentially worse if we hadn't responded so quickly and locked everything down.

Also, for everyone's reference, the name of the bot that caused these issues is Pokemon Quiz Bot - we installed it innocuously on our server 6-8 months ago as a possible outlet for our members to have a virtual trivia arcade; however, it didn't perform as we had hoped, so we scrapped that effort and found a different bot to serve our purposes. We never removed the bot or its security permissions.

I hope this can help some of you avoid the same trouble. Although this breach was foiled quickly and left no lasting scars, its potential impact ranged from nuisance to devastating. Good luck everyone!

via /r/TheSilphRoad http://bit.ly/2GZWf9q
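Takeaway 2 and the closing remark about the unused bot, as an added example that is not part of the original post: a Python audit that decodes each bot's permission bitfield and flags bots that hold the permissions used in this incident, or that sit idle while holding any risky permission. The inventory format, bot names, dates and the 90-day idle threshold are constructed assumptions; the bit values are those of Discord's documented permission bitfield.

```python
from datetime import date

# Bit values from Discord's documented permission bitfield.
PERMS = {
    "CREATE_INSTANT_INVITE": 1 << 0, "KICK_MEMBERS": 1 << 1,
    "BAN_MEMBERS": 1 << 2, "ADMINISTRATOR": 1 << 3,
    "MANAGE_CHANNELS": 1 << 4, "MANAGE_GUILD": 1 << 5,
    "MENTION_EVERYONE": 1 << 17, "MANAGE_ROLES": 1 << 28,
    "MANAGE_WEBHOOKS": 1 << 29,
}
# What the bot in the post did: created an invite, banned members,
# deleted and created channels, and spammed @everyone.
INCIDENT_PERMS = ("CREATE_INSTANT_INVITE", "BAN_MEMBERS",
                  "MANAGE_CHANNELS", "MENTION_EVERYONE")

def decode(bitfield):
    """Names of the risky permissions an integer bitfield grants."""
    if bitfield & PERMS["ADMINISTRATOR"]:
        return sorted(PERMS)  # ADMINISTRATOR implies every other permission
    return sorted(name for name, bit in PERMS.items() if bitfield & bit)

def audit(bots, today, idle_days=90):
    """Flag bots that could repeat the incident, or are idle with risky permissions."""
    findings = []
    for bot in bots:
        granted = decode(bot["permissions"])
        idle = (today - bot["last_used"]).days
        repeat = all(p in granted for p in INCIDENT_PERMS)
        stale = idle > idle_days
        if repeat or (stale and granted):
            findings.append({
                "name": bot["name"], "granted": granted, "idle_days": idle,
                "could_repeat_incident": repeat,
                "action": "remove bot" if stale else "reduce permissions",
            })
    return findings

# Constructed inventory; names, bitfields and dates are illustrative.
SAMPLE_BOTS = [
    {"name": "trivia-bot-example", "permissions": 8, "last_used": date(2018, 8, 1)},
    {"name": "mod-bot-example", "permissions": 6, "last_used": date(2019, 2, 27)},
    {"name": "music-bot-example", "permissions": 16, "last_used": date(2018, 1, 5)},
    {"name": "raid-bot-example", "permissions": 0x800, "last_used": date(2019, 2, 28)},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_BOTS, today=date(2019, 3, 1)):
        print(finding)
```

The bitfield for each bot is the effective permission integer of its role; a bot granted `ADMINISTRATOR` is treated as holding every permission regardless of the other bits.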