Last updated 1 week ago
In December 2025, approximately 2.36 million records from WIRED magazine users were published online. The data was allegedly obtained from parent company Condé Nast and represents a subset of Condé Nast brands the hacker claims to have accessed. The exposed information includes email addresses and display names for most users, with a smaller subset containing more sensitive personal data such as names, phone numbers, dates of birth, gender, and geographic or physical address information. The most recent data in the breach dated back to September 2025.
Data allegedly obtained from parent company Condé Nast and published online
Parent company data consolidation created a single point of failure, allowing access to multiple brand datasets through one breach. Insufficient data segmentation between brands and lack of proper access controls enabled lateral movement within the organization's data environment. Recommendations include implementing stronger data segregation between brands, enhanced monitoring of data access patterns, and regular security assessments of parent company data repositories.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector