- Hackers claim deeper access to LexisNexis data than company admits
- Attack Reportedly Exposed Government and Enterprise User Data
- LexisNexis insists stolen information is outdated
US analytics giant LexisNexis recently confirmed it suffered a data breach, but downplayed the significance, saying the hackers only stole outdated and irrelevant data. Hackers claim the opposite.
Recently, a malicious actor calling itself FulcrumSec leaked 2 GB of files on various underground forums, BeepComputer reported, claiming that it used React2Shell, an open source post-exploitation framework, against an unpatched React front-end application.
The group allegedly broke into a React container with access to hundreds of Redshift tables, VPC database tables, dozens of AWS Secrets Manager secrets (in plaintext) and employee password hashes, millions of database records, thousands of customer accounts, and more. From there, they were able to extract information related to more than 100 users with .gov email addresses, such as federal judges, U.S. Department of Justice attorneys, SEC staff and others. They also accessed around 400,000 cloud user profiles with their real names, email addresses, phone numbers and job titles.
Legacy and obsolete data
Although LexisNexis confirmed the incursion, it downplayed its significance, saying the stolen data is not at all up to date.
“These servers contained primarily legacy and obsolete data from before 2020, including information such as customer names, user IDs, business contact details, products used, customer surveys with respondent IP addresses, and support tickets,” a company spokesperson said.
“The information involved did not contain social security numbers, driver’s license numbers or any other sensitive personal information; credit card, bank accounts or other financial information; active passwords; or customer search queries, customer or business information, or customer contracts. »
FulcrumSec said it tried to contact LexisNexis (most likely demanding ransom payment in exchange for data deletion), but the company “decided not to work with us,” the scammers said.
LexisNexis now believes that the attack is contained.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
