A hacker using the name “Lovely” posted an alleged WIRED subscriber database containing 2,366,576 records to a hacking forum on December 20 and offered access for forum credits while indicating more data for other Condé Nast properties may follow.
KEY FACTS
- Incident Database posted to a hacking forum on December 20
- Records 2,366,576 total entries and 2,366,574 unique email addresses
- Data types Emails, account IDs, optional names, addresses, phone numbers, birthdays
- Verification Independent verification used infostealer logs
The posting offered the archive for a small number of forum credits and required additional credits to reveal the archive password.
The dataset shows timestamps from April 26, 1996 to September 9, 2025 and includes WIRED-specific account fields such as display username and account creation and update dates.
Many fields are empty. Approximately 284,196 records include both first and last name, 194,361 include a physical address, 67,223 include a birthday, and 32,438 include a phone number. A small subset of 1,529 records contains name, birthday, phone, address, and gender.
A technical analysis by Infostealers.com verified the records by matching them to infostealer infection logs.
The dataset has been added to Have I Been Pwned to allow people to check exposed email addresses. Condé Nast did not respond to questions about the incident at the time of the leak.
WHY IT MATTERS
Subscribers named in the dataset may face increased phishing and account takeover risk because the records include personal contact details and timestamps. The scale of the claimed additional data raises further exposure concerns for readers of Condé Nast titles.