"The threat actor FulcrumSec says it gained initial access on Feb. 24 by exploiting the React2Shell vulnerability in an unpatched React frontend application - a flaw the company had reportedly left unaddressed for months. The group then leveraged its position inside a React container that had been granted read access to hundreds of Redshift tables, VPC database tables, AWS Secrets Manager secrets, employee password hashes, and millions of database records."
"The attackers posted a lengthy manifesto on March 3 and a link to more than 3.9 million internal records allegedly exfiltrated from the company's AWS infrastructure, including plaintext login credentials and profile data tied to roughly 400,000 users."
"Among the most sensitive claims, FulcrumSec says it obtained information related to more than 100 users with .gov email addresses, including federal judges and law clerks, U.S. Department of Justice attorneys, and SEC staff."
LexisNexis Legal & Professional confirmed a security breach after threat actor FulcrumSec publicly disclosed stolen files and intrusion details. The attackers gained initial access on February 24 by exploiting the React2Shell vulnerability in an unpatched React frontend application left unaddressed for months. From a compromised React container with read access to hundreds of Redshift tables and AWS resources, they exfiltrated over 3.9 million internal records, including plaintext login credentials and profile data for approximately 400,000 users. Notably, the breach exposed information on over 100 users with .gov email addresses, including federal judges, law clerks, Department of Justice attorneys, and SEC staff. LexisNexis stated the matter is contained with no evidence of product or service compromise, and engaged cybersecurity forensics firms while reporting to law enforcement.
#data-breach #cybersecurity-vulnerability #aws-infrastructure-attack #government-data-exposure #unpatched-software-exploitation
Read at LawSites
Unable to calculate read time
Collection
[
|
...
]