Tech outlet Wired is at the center of a potential data breach after a lone hacker claimed to have breached Condé Nast and is now threatening to leak the personal information of more than 2.3 million subscribers.
As first reported by Bleeping Computer, the alleged leaker, Lovely, posted on a hacking forum, accusing Condé Nast, the parent company of Wired, Vogue, Vanity Fair, and the New Yorker, of ignoring vulnerability reports and failing to take security concerns seriously. However, independent cybersecurity journalist Dissent Doe of DataBreaches.net alleges the hacker is simply a bad actor who can’t be trusted and is attempting to extract a payout from the media company rather than acting out of any legitimate security concern.
According to independent verification by Bleeping Computer and Infostealer, the breach appears to be legitimate and includes email addresses, along with optional fields such as first and last name, phone number, physical address, gender, and date of birth — although many of these fields appear to be empty.
Mashable Light Speed
Beyond Wired’s subscriber database, the hacker claims to have access to as many as 40 million additional records across Condé Nast’s portfolio. Lovely’s post was found on multiple hacking forums, giving users on those sites access to the database for $2.30.
Condé Nast has not yet issued a public statement confirming the breach. Mashable reached out for comment but did not receive a response before publication.
Per Bleeping Computer, only 1,529 of the more than 2.3 million records appear to be complete profiles, containing full names, birthdays, phone numbers, physical addresses, and gender information. The database has also been added to Have I Been Pwned, allowing affected subscribers to check whether their email address was included in the breach.
