555/68 Tuesday, December 30, 2025
A hacker using the alias “Lovely” has published a database containing more than 2.3 million user records from WIRED[.]com on an underground hacker forum. Verification confirms that the leaked data is authentic and includes over 2.3 million email addresses along with subscriber identification details. Approximately 12% of the records contain real full names, and some entries also include home addresses, phone numbers, and dates of birth.
What is particularly concerning is the attacker’s stated motivation. The hacker claims that Condé Nast, WIRED’s parent company, failed to adequately protect user data. According to the attacker, attempts were made over several months to responsibly disclose vulnerabilities in the website through intermediaries, but these warnings were allegedly ignored. As a result, the hacker says the data was released to publicly expose the issue, while also threatening to gradually leak more than 40 million additional user records from across the Condé Nast network. This could potentially impact other major media brands such as Vogue, The New Yorker, Vanity Fair, and GQ in the near future.
The leaked database has now been ingested into the “Have I Been Pwned” service, allowing users to check whether their email addresses were affected. As of now, Condé Nast has not issued an official statement or clarification regarding the incident. This case serves as a stark reminder of the critical importance of timely vulnerability management and data protection, especially when handling vast amounts of personal information belonging to millions of users.
