Whoops. The data broker giant LexisNexis has suffered another data breach. LN says the data taken was no big deal. The group claiming credit for the breach claims otherwise, of course.

https://www.bleepingcomputer.com/news/security/lexisnexis-confirms-data-breach-as-hackers-leak-stolen-files/

This brings back memories of previous breach stories. One of my first big scoops that made the WaPo dead tree edition's front page involved a breach at LexisNexis in 2005 that exposed >300k consumer records. That breach was from a group of 15-18y/os in the US who also social engineered T-Mobile into giving them access to Paris Hilton's cell phone and the nudes w/in.

https://web.archive.org/web/20160513195758/http://www.washingtonpost.com/wp-dyn/content/article/2005/05/19/AR2005051901854_pf.html

In 2013, I published a scoop about a LexisNexis breach that came from group of criminal hackers who had seized control over ssndob[.]ru, then the largest ID theft service in the underground. In that months-long investigation, we found the hackers had installed backdoors on servers at LexisNexis, Dun & Bradstreet, and Kroll and were using them as part of a small and custom data broker botnet.

https://krebsonsecurity.com/2013/09/data-broker-giants-hacked-by-id-theft-service/