Keypoints
- FulcrumSec exploited a React2Shell flaw in an unpatched React frontend to gain AWS access.
- Attackers exfiltrated about 2.04 GB of data, including hundreds of Redshift and VPC tables and 53 plaintext secrets.
- Leaked data reportedly included ~21,042 customer accounts, ~400,000 cloud user profiles, and 118 .gov email addresses.
- LexisNexis states the breached records were mostly legacy, non-sensitive data from before 2020 and no active credentials or financial data were exposed.
- The company notified law enforcement, contracted external cyber experts, informed customers, and says the intrusion has been contained.