
In a significant cybersecurity breach, a hacker identifying as “Lovely” has reportedly compromised Condé Nast, exposing a database associated with WIRED that encompasses over 2.3 million subscriber records. The attacker has threatened to release as many as 40 million additional records linked to various Condé Nast properties, indicating a serious potential risk to user data across multiple platforms.
On December 20, Lovely disseminated the database on a hacking forum, setting a price of roughly $2.30 in forum credits for access. In their forum post, the hacker criticized Condé Nast for reportedly neglecting vulnerability reports, asserting that the company did not prioritize the security of user data.
“Condé Nast does not care about the security of their users’ data. It took us an entire month to convince them to fix the vulnerabilities on their websites,” the post stated, reflecting a lack of responsiveness from the organization regarding cybersecurity issues.
Lovely indicated in the forum that they would be releasing more user data in the coming weeks, further raising alarms about the extent of the breach.

Source: BleepingComputer
The same hacker later reposted the release on additional hacking forums, where users were required to spend forum credits to obtain the password for the archive containing the stolen data.
Lovely disclosed record counts for various other Condé Nast properties, which included recognizable names such as The New Yorker, Epicurious, SELF, Vogue, and Vanity Fair, among others. While Condé Nast has not officially acknowledged the breach, BleepingComputer conducted an analysis of the leaked database and confirmed the legitimacy of records belonging to WIRED subscribers.
The compromised dataset comprises 2,366,576 total records, with 2,366,574 unique email addresses, covering timestamps from April 26, 1996, to September 9, 2025. Each entry contains a subscriber’s unique ID and email address, plus optional fields such as first and last name, phone number, physical address, gender, and date of birth, many of which are left blank.
In addition to the user demographic fields, the records include timestamps for account creation and updates, along with WIRED-specific identifiers such as display usernames. Notably, while there are numerous empty fields, some records reveal personal information, including 284,196 records with both first and last names, and others containing full profiles.
Alon Gal, co-founder and CTO of Hudson Rock, verified the authenticity of the records using infostealer logs, which contained credentials from previous breaches. According to Gal, legitimate subscriber data was correlated with records in the leaked database without direct interaction with Condé Nast.
The database has now been incorporated into the “Have I Been Pwned” service, which allows users to check if their email addresses have been compromised in this data leak.
Identity of the Hacker
Prior to the data leak, Lovely appears to have positioned themselves as a security researcher. Reports indicate that they reached out to Dissent Doe of DataBreaches.net for assistance in responsibly disclosing vulnerabilities they claimed could allow attackers to manipulate user account information. Initially, the hacker mentioned that they had downloaded a limited number of records solely for verification purposes.
However, with no response from Condé Nast, Lovely later informed Dissent Doe that they had accessed the entire database, threatening to leak it publicly. Subsequently, Dissent Doe expressed disappointment over being deceived by a threat actor who pursued the leak instead of responsible disclosure. “‘Lovely’ played me. Condé Nast should not compensate them, as their credibility is unreliable,” commented DataBreaches.net.
BleepingComputer has sought a response from Condé Nast regarding this incident but has yet to receive any information.
