Condé Nast seems to have been the victim of a phishing attack. Earlier today, employees of the legacy media company received a suspect email from an employee, which claims to be from the IT department and asks that they click a link to safeguard their account. Some hours later, a message went out to the entire company alerting employees that this initial message was a malicious phishing attempt. It implores employees to not click the link and immediately change their password and report to IT if they did.
It’s unclear if any of Condé’s networks were actually compromised, but it’s telling that the initial email to everyone did come from someone within the company. I reached out to Condé Nast and will update this post if I learn more. If you know anything, please reach out (cweissman[at]fastcompany.com).