URGENT UPDATE: A hacker known as “Lovely” has just leaked the personal data of over 2.3 million Wired.com users, raising alarms about a potential breach affecting 40 million accounts across various Condé Nast properties. The leak was posted on December 20, 2025, on a newly launched hacking forum called Breach Stars, where the hacker accused Condé Nast of ignoring previous warnings regarding security vulnerabilities.
The leaked data includes user records containing full names, email addresses, user IDs, display names, and account creation timestamps, though it notably lacks passwords or payment information. However, the inclusion of real email addresses and unique user IDs poses serious privacy concerns. Many records show minimal personal information, suggesting that such details were not mandatory during account registration.
Most alarming is the timeline of the accounts, which were created between 2011 and 2022. Timestamps indicate a mix of both recent and older activity, suggesting the hacker gained access to a live or archived database rather than a mere marketing list. This raises significant questions about the security of Condé Nast’s user data.
According to the hacker, the breach extends beyond Wired.com, affecting numerous Condé Nast brands, including:
– GQ (MEN): 994,072 records
– Self (SELF): 2,075,122 records
– Vogue (VOG): 1,959,212 records
– Allure (ALLURE): 1,871,068 records
– Bon Appétit (BNA): 2,030,162 records
– The New Yorker (NYR): 6,796,525 records
– Glamour (GLAMOUR): 1,461,408 records
– Architectural Digest (AD): 854,862 records
– Vanity Fair (VANITYFAIR): 1,637,038 records
– Teen Vogue (TEENVOGUE): 586,194 records
– Golf Digest (GOLFDIGEST): 684,549 records
– Condé Nast Traveler (TVL): 1,080,711 records
Additionally, the leak contains an unidentified entry labeled “NIL,” which holds 9,468,938 accounts. This breadth of data suggests a centralized account infrastructure may be at risk.
As of now, Condé Nast has not issued any public statement regarding the breach. Efforts to verify the authenticity of the leaked data are ongoing, with some reports on social media confirming that the samples contain valid user account details.
The hacker has previously contacted journalists, posing as a security researcher before threatening to publicly leak the data, raising doubts about their credibility. The method used to extract this sensitive data has yet to be disclosed publicly.
Despite the claims, Hackread.com has conducted an analysis confirming that the leaked records appear legitimate. The urgency of this situation cannot be overstated, as the exposure of personal information poses significant risks for users across multiple platforms.
Until Condé Nast addresses this breach, all related claims should be regarded with caution. This is a developing story, and further updates will follow as more information becomes available. Stay tuned.
