LexisNexis Confirms Data Breach Affecting Customer Records
Data analytics giant LexisNexis has confirmed that its Legal & Professional division suffered a data breach, just days after the Fulcrumsec cybercrime crew claimed responsibility for the hack. Following an investigation, LexisNexis reported that the matter is now contained and that neither its products nor its services were compromised. The company nonetheless enlisted a third-party digital forensics team to manage the cleanup.
A spokesperson stated that only “a limited number of servers” were accessed, and the data stored on them was “mostly legacy, deprecated data from prior to 2020.” This included customer names, user IDs, business contact information, products used, customer surveys with respondent IP addresses, and support tickets. Importantly, the impacted information did not contain sensitive personally identifiable information such as Social Security numbers, driver’s license numbers, or any financial data.
Additionally, according to the criminals’ listing, which claims to contain a little more than 2 GB of company data, Fulcrumsec alleges it exfiltrated files from a LexisNexis AWS instance by exploiting a vulnerable React container, specifically an unpatched React2Shell vulnerability. The listing claims the data dump includes 400,000 cloud user profiles, complete with personally identifiable information (PII) points, including names, emails, and phone numbers. This claim remains unverified.
Furthermore, among the other files are 17 VPC databases and more than 430 VPC database tables, 536 Redshift tables, 3.9 million database records, and 53 secrets taken from AWS Secrets Manager, according to Fulcrumsec. The cyber crew claims it leaked over 21,000 customer account records belonging to government agencies, insurance companies, law firms, and universities. They also assert that more than 300,000 records included in the dump pertain to customer contracts, revealing which products individual organizations pay for, their associated renewal dates, and pricing tiers. “This is the complete commercial relationship database,” Fulcrumsec wrote. “If you wanted to know exactly what Gibson Dunn pays for Lexis Advance, or what the SEC subscribes to, or which Newsdesk package the Ellen MacArthur Foundation uses – it is all here.”