好的,我现在需要帮用户总结一篇文章,控制在100字以内。首先,我得仔细阅读文章内容,抓住主要信息。 文章标题是《Condé Nast面临重大数据泄露:230万WIRED记录泄露,4000万用户数据面临风险》。作者是Pierluigi Paganini,日期是2025年12月28日。内容讲的是一个黑客声称入侵了Condé Nast,泄露了230万WIRED订阅者的数据,并威胁要曝光另外4000多万用户的资料。 接下来,我需要提取关键点:黑客的名字“Lovely”,泄露的数据包括姓名、邮箱、用户ID等,没有密码和支付信息。Condé Nast旗下包括《纽约客》、《Vogue》等品牌。此外,Hudson Rock的研究人员验证了数据的真实性,并提到可能有更大的数据泄露。 现在,我要把这些信息浓缩到100字以内。需要注意的是开头不要用“这篇文章”或“文章内容总结”这样的词,直接描述即可。 可能的结构是:黑客入侵Condé Nast,泄露230万WIRED用户数据,并威胁更多;数据包括个人信息;公司未重视安全警告;研究人员确认数据真实。 最后检查字数是否在限制内,并确保信息准确无误。 </think> 一名黑客声称入侵Condé Nast系统,泄露了230万WIRED订阅者的数据,并威胁将曝光另外4000多万用户的个人信息。此次事件涉及姓名、邮箱和用户ID等信息,但未包含密码或支付详情。Condé Nast旗下包括《纽约客》、《Vogue》等品牌。研究人员已验证此次泄露的真实性,并警告未来可能有更大规模的数据暴露风险。 2025-12-28 19:43:55 Author: securityaffairs.com(查看原文) 阅读量:5 收藏
Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk
Pierluigi Paganini
December 28, 2025
Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands.
A hacker known as “Lovely” claims to have leaked personal data of over 2.3 million Wired.com users. The data was allegedly posted on December 20, 2025, on the new Breach Stars hacking forum, with a download link and file hash. The hacker accused Condé Nast, Wired’s parent company, of ignoring multiple security warnings prior to the breach.
Lovely claims that Condé Nast does not care about the security of its users and ignores vulnerability reports.
“Condé Nast does not care about the security of their users’ data. It took us an entire month to convince them to fix the vulnerabilities on their websites. We will leak more of their users’ data (40+ million) over the next few weeks. Enjoy!” reads the message published by Lovely on the hacking forum.
Lovely initially posed as a security researcher seeking responsible disclosure help for Condé Nast vulnerabilities, but later admitted downloading the full database and threatening to leak it, misleading DataBreaches.net.
The hacker claims access to a centralized Condé Nast account system covering over 40 million users across major brands, including The New Yorker, Wired, Vogue, GQ, and others. Lovely is threatening to release the personal data of up to 40 million users.
Hackread reported that the dataset also includes nearly 9.5 million records labeled “NIL” and smaller international segments, reinforcing the idea of a shared identity infrastructure.
Compromised data includes full names, email addresses, user ID, display names, account creation and update timestamps, and in some cases, last session dates.
The leaked dataset includes both system-generated Wired.com emails used for testing and real personal email addresses, confirming genuine user accounts dating back to 2011. Account creation dates range from 2011 to 2022, with mixed session activity.
No password or payment information was exposed.
Hudson Rock co-founder Alon Gal confirmed the leak’s authenticity by matching Wired.com records with infostealer logs containing compromised credentials.
“Hudson Rock researchers have authenticated the 2.3 million record WIRED leak using infostealer infection data. More alarmingly, the hacker claims that a much larger database consisting of 40,000,000 lines related to Condé Nast will be released soon. This impending leak is expected to impact major publications including Vogue, The New Yorker, and Vanity Fair.” reads the report published on the company website Infostealers.
“Our validation of the current data confirms it is legitimate and fresh, with entries as recent as September 8, 2025.”
Gal pointed out that the leak of over 102,000 home addresses raises serious risks. A larger release could enable doxing, swatting, and highly targeted spear-phishing using Condé Nast brand context.
The dataset is now listed on Have I Been Pwned.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
如有侵权请联系:admin#unsafe.sh