INTRODUCTORY STATEMENT
At Nourity, the integrity, security, and stability of our development operations, client relationships, and platform infrastructure are paramount. On May 27th, 2025, our executive team responded to a targeted internal security incident. This announcement outlines the facts, scope, and resolution of the event, as well as our continued commitment to transparency and operational excellence. We understand the trust our clients, developers, and community members place in our systems, and it is our responsibility to maintain that trust with clarity, honesty, and action. The following statement has been prepared to ensure that all members, clients, shareholders, and associates, are fully informed of the situation, its resolution, and our forward-looking security enhancements.
II. INCIDENT OVERVIEW
On May 27th, 2025, at approximately 10:22 Eastern Standard Time, Nourity experienced a deliberate and unauthorized breach of internal systems, perpetrated by a former bot-engineer who previously held limited operational permissions within our organizational communication platform. This individual took calculated steps to exploit their previously granted access—specifically to Discord-based systems that interfaced with our automated infrastructure, including integrations used for our internal development utilities and operational bots.
Upon gaining unmonitored re-entry, the individual deliberately circumvented normal protocol checks and utilized elevated access points that had not yet been revoked due to their recent departure. These permissions allowed the individual to infiltrate the bot token management system associated with our proprietary Company Intelligence framework—a custom infrastructure responsible for moderation tasks, automation, and internal efficiency tooling across various channels.
ONCE ACCESS WAS SECURED, THE FOLLOWING MALICIOUS ACTIONS WERE TAKEN:
Bot Credential Manipulation: The perpetrator forcibly reset and invalidated authentication tokens for several automated bots under our control. These resets effectively severed command pathways and revoked administrator oversight temporarily, causing bot-related systems to become non-functional during a critical window.
Targeted Channel Sabotage: The attacker proceeded to delete and manipulate multiple key communication channels within both our primary company Discord server and the affiliated cross-partner collaboration server, with the explicit intent to erase records, disorient personnel, and hinder real-time response capabilities.
Impersonation and Disruption: Under the façade of legitimate user identities and bot functions, the actor distributed false, inflammatory, and misleading messages. These messages were disseminated to sow confusion, cast doubt on the organization's stability, and undermine the credibility of the corporate infrastructure in the eyes of associates, clients, and community members.
III. WHAT WAS NOT BREACHED OR COMPROMISED
In the wake of this internal breach, Nourity wishes to provide full transparency to our clients, partners, associates, and community by clearly identifying what was not affected. After a complete forensic review by our internal systems team and external consultants, we can emphatically and unequivocally affirm the following: no client data, personal records, operational transcripts, or development assets were accessed, altered, exported, or compromised during the incident.
CLIENT DATA:
NO IDENTIFYING CLIENT INFORMATION WAS ACCESSED OR EXPOSED, THIS INCLUDES BUT IS NOT LIMITED TO:
Usernames, Discord handles, or client-specific identifiers
Payment records, invoices, or Robux transaction logs
Active or historical project data, timelines, or creative briefs
Internal communications between clients and development teams
All client-related documentation and archives are housed in externally hosted, AES-encrypted storage systems that operate independently from our Discord infrastructure. These systems are fortified behind multiple layers of access control and are not accessible via the bot panel or Discord permissions. To provide assurance and specificity, we detail below the categories of protected information that remained entirely secure and untouched.
IV. RESPONSE AND RECOVERY TIMELINE
UPON DETECTION, OUR EXECUTIVE AND SECURITY TEAMS TOOK SWIFT ACTION:
Immediate revocation of all API and token credentials that were connected to bot infrastructure.
Suspension of all internal roles and permissions that had access to automation services or moderation tools.
Deployment of restoration protocols using full-channel backups to recover all deleted content within an hour.
Audit-level analysis of server logs, admin actions, and user permission changes to trace the incident origin and activity.
Temporary suspension of non-critical operations to ensure safety and restore full functionality without risk.
By 6:30 PM EST, core operations had been stabilized, bots restored, and communication services re-established. The malicious actor was permanently removed from all platforms and blacklisted across our entire organizational infrastructure.
VII. QUESTIONS AND CONTACT
If you have any questions regarding this incident, you are encouraged to contact us directly. Our support staff and corporate team are ready to provide further clarification or arrange private discussions for sensitive client concerns.