Data Breach at LexisNexis Risk Solutions

https://www.securityweek.com/364000-impacted-by-data-breach-at-lexisnexis-risk-solutions/

40•susam•8mo ago

Comments

prepend•8mo ago

The article says LNRS is headquartered in Atlanta, but it’s actually Alpharetta. [0]

[0] https://en.wikipedia.org/wiki/LexisNexis_Risk_Solutions

pards•8mo ago

> The threat actor had accessed the company’s GitHub account and accessed "some software artifacts as well as some personal information."

LexisNexis offers software to perform credit checks and sanctions screening so access to their source code is arguably more valuable than any personal data - it could be used to sidestep the regulatory steps in the financial system and facilitate fraud, money laundering etc.

6stringmerc•8mo ago

Now add in the growing trend of using AI generated video / voice emulation and it’s a highly effective attack vector.

It’s already been used to direct funds in Asia from an actual financial institution to thieves. People still get phished on the regular. This is next level.

T3OU-736•8mo ago

The relation between GutHub creds being compromised and persional (Social Security) numbers being accessed is not obvious, and feels weird.

Were SSNs in a GH repo?

Credentials for GH access grabted access to the database with SSNs in it?

Those both seem, in their own right, quite bad.

jeffwask•8mo ago

As an Ops guy, this was my reaction too.

paddw•8mo ago

sure sounds like it

“An unauthorized third party acquired certain LNRS data from a third-party platform used for software development. The issue did not affect LNRS’s own networks or systems,” the company said

reverendsteveii•8mo ago

I look forward to the settlement in which the company that collects my information with no consent and no opt-out and then fails to secure that information offers me credit monitoring that I can already get for free. Some lawyers will get very rich, though.

jayemar•8mo ago

How do you get free credit monitoring?

Show HN: COGext – A minimalist, open-source system monitor for Chrome (<550KB)

FOSDEM 26 – My Hallway Track Takeaways

Show HN: Env-shelf – Open-source desktop app to manage .env files

Show HN: Almostnode – Run Node.js, Next.js, and Express in the Browser

Dell support (and hardware) is so bad, I almost sued them

Project Pterodactyl: Incremental Architecture

Styling: Search-Text and Other Highlight-Y Pseudo-Elements

Crypto firm accidentally sends $40B in Bitcoin to users

Magnetic fields can change carbon diffusion in steel

Fantasy football that celebrates great games

Show HN: Animalese

StrongDM's AI team build serious software without even looking at the code

John Haugeland on the failure of micro-worlds

Show HN: Velocity - Free/Cheaper Linear Clone but with MCP for agents

Corning Invented a New Fiber-Optic Cable for AI and Landed a $6B Meta Deal [video]

Show HN: XAPIs.dev – Twitter API Alternative at 90% Lower Cost

Near-Instantly Aborting the Worst Pain Imaginable with Psychedelics

Show HN: Nginx-defender – realtime abuse blocking for Nginx

The Super Sharp Blade

Smart Homes Are Terrible

What I haven't figured out

KPMG pressed its auditor to pass on AI cost savings

Open-source Claude skill that optimizes Hinge profiles. Pretty well.

First Proof

I squeezed a BERT sentiment analyzer into 1GB RAM on a $5 VPS

Kagi Translate

Building Interactive C/C++ workflows in Jupyter through Clang-REPL [video]

Tactical tornado is the new default

Full-Circle Test-Driven Firmware Development with OpenClaw

Automating Myself Out of My Job – Part 2