Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

LexisNexis Legal & Professional hit by network compromise

Incident
First reported
Last updated
Happening score
H score 35
1 unique sources, 1 articles

Summary

Hide ▲

LexisNexis Legal & Professional confirmed a server breach after an unauthorized party accessed a limited number of servers, creating risk that internal customer and business data was exposed. The affected systems held mostly legacy data prior to 2020, and the company said it found no evidence that products or services were impacted. The intrusion was tied to an unpatched React frontend app in AWS infrastructure and was later said to be contained.

Related Happenings

Stryker hit by cyberattack

Incident
First: 12.03.2026 11:30 Last: 12.03.2026 11:30 Sources 1

About this happening: Stryker confirmed a **cyberattack** that caused **global disruption** to its **Microsoft environment**, interrupting access to business systems and applications. The company said...

Open Happening

AkzoNobel hit by ransomware attack

Incident
First: 04.03.2026 01:00 Last: 04.03.2026 01:00 Sources 1

About this happening: The **multinational Dutch paints company AkzoNobel** confirmed a **security incident** at **one of its U.S. sites**, saying the intrusion was **contained** and the impact **limite...

Open Happening

LexisNexis Legal & Professional data leak after AWS intrusion

Data Leak
First: 03.03.2026 17:40 Last: 03.03.2026 17:40 Sources 1

How related: The company's data breach confirmation comes as a threat actor named FulcrumSec leaked 2GB of files on various underground forums and sites.

About this happening: **FulcrumSec** leaked **2GB of files** tied to **LexisNexis Legal & Professional**, exposing customer and business information that could be used for follow-on abuse. The company...

Open Happening

Organization hit by network compromise

Incident
First: 13.01.2026 15:08 Last: 13.01.2026 15:08 Sources 1

About this happening: A **Target employee workstation** was compromised by **infostealer malware** in **late September 2025**, raising the risk of internal credential exposure. The infected device repo...

Open Happening

Cloudflare WAF protections for React2Shell (CVE-2025-55182)

Advisory/Mitigation
First: 05.12.2025 17:12 Last: 05.12.2025 17:12 Sources 1

About this happening: Cloudflare rolled out **WAF protections** for **CVE-2025-55182 / React2Shell**, a mitigation aimed at reducing **unauthenticated RCE** risk across **React** deployments. The actio...

Open Happening

Timeline

  1. 03.03.2026 17:40 1 articles · 2mo ago

    FulcrumSec claims February 24 access to LexisNexis AWS infrastructure

    Exploitation Observed

    FulcrumSec claims it gained access to LexisNexis Legal & Professional's AWS infrastructure on February 24 by exploiting the React2Shell vulnerability in an unpatched React frontend app and says it exfiltrated 2.04 GB of structured data.

    Show sources
    Open in new tab
  2. 03.03.2026 17:40 2 articles · 2mo ago

    LexisNexis confirms unauthorized server access and contains the intrusion

    Initial Disclosure

    LexisNexis Legal & Professional confirmed that an unauthorized party accessed a limited number of servers, said those servers held mostly legacy, deprecated data from prior to 2020, reported no sensitive PII, financial data, active passwords, customer search queries, or customer contracts in the impacted information, found no evidence that products or services were impacted, and said it notified law enforcement, retained an external cybersecurity expert, and informed current and previous customers.

    Show sources
    Open in new tab