A database containing the personal details of over 2.3 million WIRED subscribers has been leaked on the newly revived BreachForums, with cybersecurity firm Hudson Rock confirming the data's authenticity.
The breach, allegedly part of a broader attack on parent company Condé Nast, may precede a significantly larger leak involving up to 40 million records across several high-profile publications.
The leaked data was posted on December 26, 2025, by a forum user and moderator known as “Tanaka,” who labeled the file as a “2.3M wired.com Database.” The database, formatted in plaintext JSON, includes email addresses, subscriber names, home addresses, phone numbers, and metadata such as account creation dates and last login timestamps. The latest entries in the dataset are dated September 8, 2025, suggesting the breach is both recent and possibly ongoing.
Cybersecurity researchers from Hudson Rock, led by co-founder Alon Gal, verified the data by cross-referencing it with logs obtained from infostealer malware infections, including RedLine and Raccoon. This method matched leaked user records with credentials previously exfiltrated via malware, confirming the legitimacy of the breach without requiring direct access to WIRED’s infrastructure.
WIRED is a well-known American tech and culture magazine owned by Condé Nast, which also publishes Vogue, The New Yorker, Vanity Fair, and other major media brands. Condé Nast operates a central identity and subscription management platform that ties together user accounts across its various publications. According to security researchers and threat actors, weaknesses in this system may have been exploited to harvest user data en masse.
Hudson Rock’s report attributes the breach to multiple underlying vulnerabilities, including Insecure Direct Object References (IDOR) and broken access controls. The attacker, known as “Lovely,” allegedly used these flaws to scrape subscriber profiles by manipulating user ID parameters and bypassing authentication checks.
Dissent Doe reported attempts to notify Condé Nast about these vulnerabilities beginning in November 2025. However, the company has not issued any public response or user notification to date. The release of the WIRED database on Christmas Day was dubbed a “Christmas Lump of Coal” by the threat actor, who also claimed that a 40-million-record leak impacting Condé Nast's wider user base would be released in the near future.
The leaked WIRED dataset includes:
- 2.3 million email addresses
- 285,936 full names
- 102,479 home addresses
- 32,426 phone numbers
A sample posted alongside the leak reveals full user profile structures in JSON format, with fields such as email, wiredDisplayName, wiredCreatedAt, and wiredUpdatedAt, showing evidence of structured internal account metadata. While many profiles have blank fields for phone numbers and names, a significant portion includes sensitive PII that could be weaponized for doxing, spear-phishing, or even physical threats like swatting.
Users on Reddit have independently corroborated the breach. Several WIRED subscribers reported alerts from digital footprint scanners and dark web monitoring tools as early as December 23, 2025. Despite these signals, WIRED and Condé Nast have yet to make a public statement or initiate a password reset for affected users.
Leave a Reply