For those being notified or first learning about the #WIRED #databreach:
On December 25, I broke the story of how I had been contacted in November by "Lovely," who claimed to have discovered a vulnerability. They asked for help getting Condé Nast to respond to them. They claimed they were not seeking any bounty or payment and had only downloaded a few profiles as proof.
They showed me my own data.
Trying to help, I reached out to Condé Nast corporate as well as to a contact at #WIRED.
Condé Nast never responded to me -- or to "Lovely" who eventually showed their true colors as someone trying to extort Condé Nast.
Do they have more data? Yes, it appears they do.
@troyhunt verified the data leak and #HIBP has been notifying its affected subscribers.
Read more details in my blog post at https://databreaches.net/2025/12/25/conde-nast-gets-hacked-and-databreaches-gets-played-christmas-lump-of-coal-edition/
@zackwhittaker @campuscodi @gcluley @euroinfosec @ValeryMarchive
#databreach #dataleak #infosec #cybersecurity #incidentresponse