Data Breach at LexisNexis Risk Solutions

https://www.securityweek.com/364000-impacted-by-data-breach-at-lexisnexis-risk-solutions/

40•susam•1d ago

Comments

prepend•1d ago

The article says LNRS is headquartered in Atlanta, but it’s actually Alpharetta. [0]

[0] https://en.wikipedia.org/wiki/LexisNexis_Risk_Solutions

pards•1d ago

> The threat actor had accessed the company’s GitHub account and accessed "some software artifacts as well as some personal information."

LexisNexis offers software to perform credit checks and sanctions screening so access to their source code is arguably more valuable than any personal data - it could be used to sidestep the regulatory steps in the financial system and facilitate fraud, money laundering etc.

6stringmerc•1d ago

Now add in the growing trend of using AI generated video / voice emulation and it’s a highly effective attack vector.

It’s already been used to direct funds in Asia from an actual financial institution to thieves. People still get phished on the regular. This is next level.

T3OU-736•1d ago

The relation between GutHub creds being compromised and persional (Social Security) numbers being accessed is not obvious, and feels weird.

Were SSNs in a GH repo?

Credentials for GH access grabted access to the database with SSNs in it?

Those both seem, in their own right, quite bad.

jeffwask•1d ago

As an Ops guy, this was my reaction too.

paddw•1d ago

sure sounds like it

“An unauthorized third party acquired certain LNRS data from a third-party platform used for software development. The issue did not affect LNRS’s own networks or systems,” the company said

reverendsteveii•1d ago

I look forward to the settlement in which the company that collects my information with no consent and no opt-out and then fails to secure that information offers me credit monitoring that I can already get for free. Some lawyers will get very rich, though.

jayemar•1d ago

How do you get free credit monitoring?

How much LLM scraping is being done from residential IPs?

Show HN: Wasibuilder, Enable WasmEdge network extension v2 for Go stdlib

SCP-3434: Istanbul Taxi Superorganism

Rork: Vibe Coding Mobile Apps

Biomni – a general purpose biomedical AI agent

Rewriting the Californian Ideology

AI Visibility Pyramid: How to Improve Your Presence in AI Search

How to track visibility across AI platforms

Learn touch typing – it's worth it

Bjarne Stroustrup's FAQ

How to use dashes in fiction: UK and US style

Psychedelics myth: 'People tell tourists stories they think are interesting'

Capitalize My Title

Advising Reasonable AI Criticism

What I Learned Trying to Spend a Year Celibate

Google AI Mode for Search Has Arrived. Proceed with Caution

Show HN: Open-Source LLM-Powered Invoice and Receipt Extractor

Attention Is All You Need

SMD Prototyping Is a Work of Art (2016)

Turning Portal 2 into a Web Server [video]

Volkswagen to make 'massive' investment in US in bid to avoid tariffs

UK Carbon Price Soars 8% as London Agrees to Link Emissions Trading with EU

Automattic says it will start contributing to WordPress again after pause

C++ to Rust Phrasebook

Why Writing by Hand Is Better for Memory and Learning

How to Build and Use Agentic RAG (in Rust)

How to Join a Social Network in 1998

Proof that Patrick Stewart exists in the Star Trek universe

Why Agents Are Bad Pair Programmers

Why Lisp macros are cool, a Perl perspective (2005)