Earlier this month, a hacker named Beautiful claimed to have breached a Condé Nast person database and launched a listing of greater than 2.3 million user records from our sister publication WIRED. The launched supplies comprise demographic info (title, electronic mail, tackle, cellphone, and many others.) however no passwords.
The hacker additionally says that they’ll launch a further 40 million data for different Condé Nast properties, together with our different sister publications Vogue, The New Yorker, Vainness Honest, and extra. Of important observe to our readers, Ars Technica was not affected as we run on our personal bespoke tech stack.
The hacker stated that that they had urged Condé Nast to patch vulnerabilities to no avail. “Condé Nast doesn’t care concerning the safety of their customers information,” the hacker wrote. “It took us a complete month to persuade them to repair the vulnerabilities on their web sites. We’ll leak extra of their customers’ information (40+ million) over the following few weeks. Get pleasure from!”
It’s unclear how altruistic the motive actually was. DataBreaches.Net says that Lovely misled the site into believing that the hacker was making an attempt to assist patch vulnerabilities, when in actuality, it seems that the hacker is a “cybercriminal” on the lookout for a payout. “As for ‘Beautiful,’ they performed me. Condé Nast ought to by no means pay them a dime, and nobody else ought to ever, as their phrase clearly can’t be trusted,” wrote DataBreaches.Internet.
Condé Nast has not issued a press release, and we’ve got not been knowledgeable internally of the hack (which isn’t stunning, since Ars isn’t affected).
Hudson Rock’s InfoStealers has an excellent rundown of what has been uncovered.
