Monorepo

Conde Nast Hit by Data Breach and Extortion Threat from Hackers

Conde Nast Hit by Data Breach and Extortion Threat from Hackers
source: gettyimages
January 6, 2026

A criminal group, calling itself Lovely, has issued a stark warning and started publishing stolen subscriber data from Conde Nast, the publisher behind Wired, The New Yorker, Vanity Fair, and Teen Vogue. The hackers claim their initial attempt to alert the company about security vulnerabilities was ignored, prompting them to release sensitive information on Christmas Day.

Details of the Leak

The breach primarily affects Wired magazine subscribers. Hackers released:

Additional data leaked include user IDs, display names, account creation and update timestamps, last session dates, and IP addresses. The breadth of this data suggests the database likely contained live, user-specific information rather than static marketing lists.

Hacker Message and Future Threats

The hacking group accused Conde Nast of neglecting user data security, stating: > “Conde Nast does not care about the security of their users’ data. It took us an entire month to convince them to fix the vulnerabilities on their website. We will leak more of their users’ data (40+ million) over the next few weeks. Enjoy!”

The group has announced plans to continue releasing more leaked data, which they say will include information from various Conde Nast platforms, potentially encompassing over 40 million entries.

Distribution and Implications

The stolen files were uploaded to file-sharing platforms Limewire and Gofile.io. If the data spreads further, it could reveal subscriber identities and preferences—potentially exposing whether individuals enjoy content such as The New Yorker’s satirical cartoons or Vogue’s fashion coverage.

Security Experts Confirm Authenticity

Security researchers from Hudson Rock verified the leak’s authenticity. They found that subscriber email addresses and credentials matching the leaked data appeared in global infostealer malware infection logs—specifically RedLine and Racoon. This connection indicates the breach is real and the data genuine.

Potential Risks for Subscribers

According to cybersecurity experts, affected individuals could face risks such as:

Fortunately, no credit card or payment information was disclosed in this leak.

Response and Next Steps

Conde Nast has yet to comment publicly on the breach. As the story develops, users are advised to monitor their accounts for suspicious activity and remain cautious of targeted scams.

---

The cybersecurity landscape continues to evolve, with increasingly sophisticated attacks exposing personal data of millions. Stay vigilant and informed.

Related links

By submitting, I confirm I have the right to share this link and I agree to link back to this article from the submitted page. Duplicate URLs are rejected. Up to 5 links per page.

GraphQL · 156 ms 
query Q($id: Int!, $domain: Int!, $srcId: Int!, $hasSrc: Boolean!, $hasSelf: Boolean!) {
  self: qa_ai(where: {id: {_eq: $id}}, limit: 1) @include(if: $hasSelf) { id title text date }
  linksarticle: qa_ai(where: {domain: {_eq: $domain}, id: {_neq: $id}}, order_by: {id: desc}, limit: 8) { id title }
  linksbottom: qa_ai(where: {domain: {_neq: $domain}, id: {_lt: $id}}, order_by: {id: desc}, limit: 3) { id title domain }
  source: qa_ai(where: {id: {_eq: $srcId}}, limit: 1) @include(if: $hasSrc) { id title }
}
{
  "id": 6644938,
  "domain": 7,
  "srcId": 0,
  "hasSrc": false,
  "hasSelf": true
}