LexisNexis Cloud Hack: Hackers Crack Legal Giant, Spill Gov Secrets – Your Supply Chain Just Got Pwned
Legal data powerhouse LexisNexis confirmed hackers breached their AWS cloud setup, swiping 2GB of sensitive client data including profiles on U.S. federal judges, DOJ attorneys, and 21,000+ enterprise accounts.[1][4] The attack went down on February 24, but the leak hit forums recently, exposing legacy info that could fuel targeted attacks.[1]
Attackers, going by FulcrumSec, exploited a known React2Shell vulnerability in an unpatched React app for initial access, then escalated via a misconfigured IAM role with god-like perms and a hardcoded database password – yeah, “Lexis1234”.[1] They grabbed user profiles, VPC maps, 45 employee password hashes, 82k support tickets, and 53 plaintext cloud secrets, all dumped online.[1][4]
**So What?** Devs and sec teams: This screams supply chain nightmare. LexisNexis feeds law firms, courts, and gov agencies – if you’re hooked in, your client lists, procurement habits, and contacts are now hacker bait for phishing or worse.[1] Unpatched apps + lazy IAM + weak creds = instant ownage; audit your cloud configs NOW, or you’re next in the breach parade.[1]
My take: LexisNexis dropping the ball twice in a year shows big vendors can’t be trusted blindly – demand SOC2 proofs and run your own pen tests on third-parties. Wake up, or get leaked.[1]
