- Hacker "Lovely" breached Condé Nast, leaking data of 2.3M WIRED readers
- Stolen info includes emails, names, phone numbers, addresses, and account details
- Criminals may exploit data for phishing; users urged to stay vigilant with suspicious emails
Sensitive information on more than 2.3 million WIRED readers was leaked on the dark web recently, when a hacker broke into Condé Nast.
As multiple sources confirmed, a hacker going by the alias ‘Lovely’ recently broke into Condé Nast, a global media giant and owner of some of the world’s biggest media publications such as Vogue, The New Yorker, GQ, Vanity Fair, and Wired. They claimed not to be malicious and instead tried to reach out to the company to warn them about six vulnerabilities they had discovered.
When they failed, and Condé Nast did not respond to their inquiries, they even reached out to DataBreaches.net to try and get their attention. Ultimately, they succeeded, and WIRED was notified about the holes.
How to stay safe
However, despite claiming to be benign, the hacker leaked the stolen archive to multiple hacking forums. Other visitors could view the archives by paying a small sum in forum credits, equaling approximately $2.
"Condé Nast does not care about the security of their users' data. It took us an entire month to convince them to fix the vulnerabilities on their websites," the forum post reads. "We will leak more of their users' data (40+ million) over the next few weeks. Enjoy!"
Lovely claims to have stolen roughly 2.3 million email addresses, unique internal IDs, full names, phone numbers, postal addresses, genders, and birthday information. The combination of information stolen varies from user to user.
The archive also contains when the account was created, when its last session was, and other WIRED-specific information. Finally, Lovely claims they also stole data from other Condé Nast properties, including The New Yorker, Epicurious, SELF, Vogue, Allure, Vanity Fair, Glamour, Men's Journal, Architectural Digest, Golf Digest, Teen Vogue, Style.com, and Condé Nast Traveler.
Usually, when information such as this one leaks on the dark web, criminals use it to send phishing emails. These emails are designed to steal login credentials and other sensitive data, making the breach that much worse. To stay safe, be extra vigilant with unsolicited incoming emails, especially those pretending to be from Condé Nast or any of its brands.
Via BleepingComputer
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
