WIRED Data Breach Claim: Hacker Alleges Leak of Millions of Subscriber Records
A hacker has claimed responsibility for a massive data breach involving a major global media company, alleging the theft and release of more than 2.3 million subscriber records from one of its flagship publications.
The threat actor, using the alias “Lovely,” posted the database on a popular hacking forum on December 20, offering access for a small fee through the forum’s credit system. The hacker also warned that this leak may be only the beginning, claiming to possess up to 40 million additional records tied to other properties owned by the same media group.
Hacker Accuses Company of Ignoring Security Warnings
In forum posts, Lovely accused the media company of failing to address reported security vulnerabilities in a timely manner. The hacker claimed they spent weeks attempting to alert the organization before deciding to leak the data publicly.
“The company does not care about the security of their users’ data,” the post stated, adding that vulnerabilities allegedly allowed unauthorized access to user information.
After the initial leak, the same dataset was reposted across multiple underground forums, where users were again required to pay credits to access the archive password.
Multiple Publications Allegedly Affected
Lovely also published a list of other media brands they claim were impacted, citing abbreviated names that appear to reference well-known magazines and digital publications spanning news, fashion, lifestyle, travel, and health sectors.
As of now, the media company has not publicly confirmed a breach. However, independent analysis conducted by a cybersecurity outlet verified 20 records as belonging to legitimate subscribers of the affected news agency.
What the Leaked Data Contains
According to the analysis, the dataset includes 2,366,576 total records and 2,366,574 unique email addresses, with account timestamps ranging from 1996 to September 2025.
Each record contains a unique internal ID and email address, along with optional personal data fields. While many entries are incomplete, some records include:
First and last names
Physical mailing addresses
Phone numbers
Birthdates
Gender
Roughly 12% of records include full names, 8% contain physical addresses, and smaller percentages include phone numbers or birthdates. A very small subset contains highly detailed personal profiles.
Cybersecurity Experts Validate the Leak
Cybersecurity researcher Alon Gal, co-founder and CTO of Hudson Rock, confirmed that the data aligns with information found in previously compromised credential logs, lending further credibility to the breach claims.
Before releasing the data, Lovely reportedly identified themselves as a security researcher and sought help with responsible disclosure. According to reports, they contacted a breach-monitoring platform in late November to assist in reaching the company’s security team, claiming the flaws allowed attackers to view and modify user accounts.
Investigation Ongoing
At this time, it remains unclear whether additional datasets will be released. Users associated with the affected media properties are advised to remain alert, change passwords, and monitor accounts for suspicious activity as the situation develops.
0 Comments