Hacker Claims To Leak Wired Database With 2.3 Million Records

On December 20, a threat actor using the name "Lovely" leaked the database on a hacking forum, offering access for approximately $2.30 in the site's credits system. In the post, Lovely accused Condé Nast of ignoring vulnerability reports and claimed the company failed to take security seriously.

"Condé Nast does not care about the security of their users' data. It took us an entire month to convince them to fix the vulnerabilities on their websites," reads a post on a hacking forum.

"We will leak more of their users' data (40+ million) over the next few weeks. Enjoy!"

The same person later leaked the data on other hacking forums, where users also had to spend forum credits to reveal the password to the archive containing the data.

Lovely also shared record counts for other Condé Nast properties they claim to have stolen data, including, based on the abbreviations used, The New Yorker, Epicurious, SELF, Vogue, Allure, Vanity Fair, Glamour, Men's Journal, Architectural Digest, Golf Digest, Teen Vogue, Style.com, and Condé Nast Traveler.

The dataset contains 2,366,576 total records and 2,366,574 unique email addresses, with timestamps ranging from April 26, 1996, to September 9, 2025.

The records also include account creation and update timestamps, last session information, and WIRED-specific fields such as a display username and WIRED account creation and update dates.

While many of the records fields are empty, some include additional personal details.

Approximately 284,196 records (12.01%) include both a first and last name, 194,361 records (8.21%) include a physical address, 67,223 records (2.84%) include a birthday, and 32,438 records (1.37%) include a phone number.

A much smaller subset includes more complete profiles, with 1,529 records (0.06%) containing a full name, birthday, phone number, address, and gender.

Source: BleepingComputer