There was an exploit in version 0.17.0 through 0.19.0 (fixed in 0.19.1) that, from what I understand, allowed people to view DMs of anyone by reporting them, but as you can’t know the ID of a given DM you’re not part of, they couldn’t really target a specific user, but rather would just send reports to a range of potential IDs and see what comes back.
There was an exploit in version 0.17.0 through 0.19.0 (fixed in 0.19.1) that, from what I understand, allowed people to view DMs of anyone by reporting them, but as you can’t know the ID of a given DM you’re not part of, they couldn’t really target a specific user, but rather would just send reports to a range of potential IDs and see what comes back.