
Hackers have exposed 2.3 million WIRED subscribers to a heightened risk of phishing and other cyberattacks. The attackers are threatening to release 40 million more records allegedly stolen from Condé Nast, the publisher’s parent company.
A threat actor using the alias “lovely” has publicly released a massive data dump containing the personal information of 2.3 million WIRED users.
Have I Been Pwned, a data breach search engine, has already included this data, with entries as recent as September 8th, 2025. Subscribers and independent researchers have confirmed that at least some of the data is legitimate.
“We found a high confidence overlap between compromised users and the leaked database,” Hudson Rock, a cybersecurity company, said in a report on the leak.
“Our researchers identified legitimate subscriber credentials for wired.com within global infostealer infection logs. By matching these compromised credentials against the records in the leaked database, we have definitively confirmed the authenticity of the dataset without any interaction with the victim organization.”
If the threat actor is to be believed, a much broader compromise affects Condé Nast, an American mass media company.
“Condé Nast does not care about the security of their users’ data. It took us an entire month to convince them to fix the vulnerabilities on their websites. We will leak more of their users' data (40+ million) over the next few weeks. Enjoy!” Lovely posted on the illicit marketplace.
The current leak includes 2.3 million email addresses, 285,936 subscriber names, 102,479 home addresses, and 32,426 phone numbers.
“The attackers likely utilized Insecure Direct Object Reference vulnerabilities to scrape user profiles by iterating ID parameters, which would explain the massive JSON dumps appearing in these leaks,” Hudson Rock researchers said.
They also suspect that the critical account management endpoints lacked password validation. This potentially allowed the threat actor to view or even modify user credentials or email addresses across Condé Nast’s central identity system.
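The scraping pattern the researchers describe, one session reading many profiles that are not its own by stepping through ID values, is visible in access logs. The following detection sketch is an added example, not code from Hudson Rock or Condé Nast; the log format, the `/api/users/<id>/profile` path and the thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed (constructed) log format: "<epoch> <session_user_id> <method> <path> <status>"
LINE = re.compile(r"^(\d+) (\d+) (?:GET|POST|PUT) /api/users/(\d+)/profile (\d{3})$")

def parse(lines):
    """Yield (timestamp, actor_id, target_id, status) for profile requests."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield tuple(int(g) for g in m.groups())

def find_enumeration(lines, window=60, min_foreign_ids=20):
    """Return {actor: peak} for sessions that successfully read at least
    min_foreign_ids distinct profiles other than their own within `window` seconds."""
    hits = defaultdict(list)  # actor -> [(timestamp, target_id)]
    for ts, actor, target, status in parse(lines):
        # With correct object-level authorization, a 200 on another user's
        # profile should not occur at all; a burst of them indicates scraping.
        if status == 200 and target != actor:
            hits[actor].append((ts, target))
    flagged = {}
    for actor, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            distinct = {target for _, target in events[start:end + 1]}
            if len(distinct) >= min_foreign_ids:
                flagged[actor] = max(flagged.get(actor, 0), len(distinct))
    return flagged

def sample_log():
    """Constructed sample: one enumerating session, one normal user, one denied client."""
    lines = [f"{1000 + i} 501 GET /api/users/{7000 + i}/profile 200" for i in range(40)]
    lines += [f"{1000 + 30 * i} 77 GET /api/users/77/profile 200" for i in range(10)]
    lines += [f"{1005 + i} 88 GET /api/users/{9000 + i}/profile 403" for i in range(30)]
    return lines

if __name__ == "__main__":
    print(find_enumeration(sample_log()))
```

Session 88 in the sample shows what the server should return for every foreign ID: a denial, which the detector ignores because no data left the system.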
Dissent Doe reports that the threat actor made multiple attempts to contact Condé Nast, pretending to be a security researcher who wanted to disclose the incident. The attacker provided proof of access to help the company address the issue, but their malicious intentions only became clear later, when the hacker began leaking the data.
Lovely is a new account with no prior history on the illicit cybercrime forum. Cybercriminals are likely being more cautious about hiding their identities and are adhering to stricter operational security (opsec) following multiple arrests of infamous information leakers, such as IntelBroker, USDoD, and members of ShinyHunters, among others.
Condé Nast has not yet confirmed the cybersecurity incident or provided any official comment. Cybernews will update the story with their response.
However, Hudson Rock warns potentially affected users of a higher risk of targeted doxing, spear phishing attacks, or even physical swatting, a practice where cybercriminals misuse location data to trigger law enforcement responses.