A hacker known as Lovely claimed to have breached Condé Nast’s user database, releasing a cache of more than 2.3 million records tied to WIRED. The data includes names, emails, addresses, and phone numbers, but no passwords were included in the leak.
The alleged extortionist has promised to leak an additional 40 million records across Condé Nast properties, including Vogue, The New Yorker, Vanity Fair, and others. Ars Technica, however, says it was not affected because it runs on its own bespoke tech stack.
The pirate claimed Condé Nast ignored patching efforts for months; their message read that the publisher does not care about user data security and that further data will be released in the coming weeks.
Industry observers have questioned the motive. DataBreaches.Net suggested Lovely may have used the patch-talk as a lure, while the hacker’s broader aim appears to be financial gain rather than altruistic action. Condé Nast has not issued a public statement as of this writing.
Hudson Rock’s InfoStealers published a detailed rundown of the disclosed material, noting the scope of exposed information across Condé Nast properties and the potential for further leaks in the near future.
