LexisNexis Data Breach: Limited Impact Despite Hackers’ Claims

LexisNexis Data Breach: Limited Impact Despite Hackers’ Claims

Posted on By CWS

LexisNexis Data Breach Confirmed

LexisNexis has verified a data breach following the release of sensitive data by hackers, although the company asserts that the fallout is minimal. The breach, reported by hackers on a cybercrime forum, involved an unsuccessful extortion attempt directed at the legal and risk solutions firm.

Details of the Cyber Intrusion

The breach was publicized on Tuesday when hackers disclosed their unauthorized access attempts. According to LexisNexis representatives, the intrusion involved some servers but primarily affected legacy systems holding outdated data from before 2020. The corporation assured that the core functions of their services remain uncompromised.

Compromised information includes customer names, user IDs, and contact details, in addition to IP addresses of survey respondents and support ticket data. Despite the breach, LexisNexis stated they have contained the situation and detected no impact on their operations.

Exploitation Techniques Used

Hackers reportedly exploited the React2Shell vulnerability and misconfigured AWS instances to extract over 2GB of data. The cybercriminals claimed access to a vast array of records, including corporate accounts, employee credentials, and sensitive personal information of around 400,000 individuals, with some government email accounts involved.

Data allegedly compromised includes names, emails, phone numbers, and job titles. The attack is said to have occurred in the preceding week, according to sources familiar with the hackers’ statements.

Historical Context of LexisNexis Breaches

LexisNexis has faced similar challenges previously. Last year, LexisNexis Risk Solutions confirmed that a breach involving a third-party vendor compromised data of over 360,000 individuals. Such incidents emphasize the ongoing challenges in protecting sensitive information against evolving cyber threats.

As companies continue to face cyber threats, the LexisNexis breach underscores the importance of robust cybersecurity measures and regular vulnerability assessments to safeguard sensitive data.

Security Week News Tags:, , , , , , , , ,

Related Posts

Cyberattack On Russian Airline Aeroflot Causes the Cancellation of More Than 100 Flights Cyberattack On Russian Airline Aeroflot Causes the Cancellation of More Than 100 Flights Security Week News
TRM Labs Secures M for AI in Blockchain Security TRM Labs Secures $70M for AI in Blockchain Security Security Week News
Ivanti Neurons for ITSM Vulnerabilities Resolved Ivanti Neurons for ITSM Vulnerabilities Resolved Security Week News
Creating Realistic Deepfakes Is Getting Easier Than Ever. Fighting Back May Take Even More AI Creating Realistic Deepfakes Is Getting Easier Than Ever. Fighting Back May Take Even More AI Security Week News
SonicWall Warns of Trojanized NetExtender Stealing User Information SonicWall Warns of Trojanized NetExtender Stealing User Information Security Week News
Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack Security Week News