"Earlier this month, a hacker named Lovely claimed to have breached a Condé Nast user database and released a list of more than 2.3 million user records from our sister publication WIRED. The released materials contain demographic information (name, email, address, phone, etc.), but no passwords. The hacker said that they had urged Condé Nast to patch vulnerabilities to no avail. "Condé Nast does not care about the security of their users data," they wrote. "It took us an entire month to convince them to fix the vulnerabilities on their websites. We will leak more of their users' data (40 + million) over the next few weeks. Enjoy!""
"It's unclear how altruistic the motive really was. DataBreaches.Net says that Lovely misled them into believing they were trying to help patch vulnerabilities, when in reality, it appeared that this hacker was a "cybercriminal" looking for a payout. "As for "Lovely," they played me. Condé Nast should never pay them a dime, and no one else should ever, as their word clearly cannot be trusted," they wrote."
A hacker using the name Lovely claimed a breach of a Condé Nast user database and released more than 2.3 million WIRED user records containing demographic details but no passwords. Lovely alleges they urged Condé Nast to patch vulnerabilities and threatens to leak an additional 40+ million records from other Condé Nast publications, including Vogue, The New Yorker, and Vanity Fair. DataBreaches.Net reports Lovely misled them and appears motivated by payoff rather than altruistic disclosure, warning Condé Nast should not pay. Condé Nast has not issued a statement, and Ars Technica was not affected due to its bespoke tech stack.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]