Global data analytics company LexisNexis Group has confirmed a cybersecurity incident affecting its Legal & Professional division, raising concerns over data protection. The company stated that unauthorized access was gained to some of its servers, though preliminary findings suggest that core products and services remained secure. The cybercrime group Fulcrumsec has claimed responsibility for the attack.
According to the company spokesperson, the breach was detected recently and was brought under control after investigation. A third-party digital forensics team was engaged to clean up and strengthen security measures. The company clarified that only a limited number of servers were accessed and that most of the stored data was legacy or pre-2020 records.
Customer Data Types Exposed
The compromised data reportedly included customer names, user IDs, business contact details, product usage information, customer survey responses, and support ticket records. However, the company stated that the data did not contain social security numbers, banking information, credit card details, active passwords, or financial transaction records.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
The cybercriminal group claimed that nearly 2GB of data was exfiltrated from a cloud instance. The attackers alleged that the breach exploited a React2Shell vulnerability in an Amazon Web Services (AWS)-based infrastructure. The company has not officially confirmed this claim.
The hacking group also publicly asserted that the data dump contained around 400,000 cloud user profiles with personally identifiable information such as names, emails, and phone numbers. Some records were claimed to belong to U.S. government personnel, including federal judges, Department of Justice attorneys, and court clerks, though these claims remain unverified.
Massive Database Access Alleged
The cyber group further alleged that it accessed 17 Virtual Private Cloud databases, more than 430 database tables, 3.9 million records, and 53 security secrets stored in AWS Secrets Manager. The group also claimed to have stolen customer records linked to over 21,000 government agencies, insurance firms, law firms, and universities.
The hackers claimed the stolen data included more than 300,000 commercial relationship records, potentially revealing customer contract details, subscription plans, renewal dates, and pricing tiers, which could expose corporate purchasing patterns.
However, cybersecurity experts warned that criminal claims should not be fully trusted until independent investigations verify the actual scale of the breach.
Customers Notified, Systems Secure
The company stated that security controls have been strengthened and that affected customers have been notified. It also emphasized that active systems, passwords, and financial customer data remain secure.
Cybersecurity specialists said that with the increasing number of attacks on cloud infrastructure, organizations must adopt regular security audits, strong encryption standards, and strict access control policies.
The digital forensics team continues to investigate the incident to determine the exact volume of data compromised.
User Protection Measures Urged
Authorities have advised institutions and users to avoid clicking suspicious email links, protect login credentials, and immediately report any unusual account activity. Further details may be released after the investigation is completed.
About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
