So many companies do not understand this simple principle. Blast radius reduction. But no, they need to have everything online, and instantly accessible all the time. Because they can't possibly be inconvenienced with a short delay in case they ever want to look at that piece of data that they will never want to look at anyway.

It is going to take a long time before companies realize that data they don't need is a liability, not an asset.

It's just a standard helpdesk application.

You submit a ticket to Discord with the ID attached when the automated ID verification didn't work for you.

Once the ticket is dealt with, Discord could have a policy of deleting the IDs, but they don't.