The Racquet & Paddle Sports Show is an annual four-day, multi-faceted B2B event for the tennis, racquet and paddle sports industry, bringing together racquet sport professionals, industry leaders, established suppliers, emerging brands, allied sport organizations and industry media. The Racquet & Paddle Sports will be co-located with the PGA Merchandise Show at the Orange County Convention Center.

Racquet & Paddle Sports Show A.I CyberSecurity Scoring

RPSS

Company Details

LinkedIn ID: racquet-and-paddle
Employees number: None
Number of followers: 276
NAICS: None
Industry Type: Sporting Goods
Homepage: racquetpaddlesportsshow.com
IP Addresses: 0
Company ID: RAC_1959095
Scan Status: In-progress

RPSS Risk Score (AI oriented)

Between 750 and 799

  • Powered by our proprietary A.I cyber incident model
  • Insurance prefers the TPRM score to calculate premiums
RPSS Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

RPSS Company CyberSecurity News & History

Past Incidents: 5
Attack Types: 1
RELX Group and LexisNexis Legal & Professional: LexisNexis Data Breach — Threat Actor Allegedly Claims 2.04 GB Stolen
Type: Breach
Severity: 100
Impact: 5
Seen: 3/2026
Supply Chain Source: Amazon Web Services (AWS)
Rankiteo Explanation: Attack threatening the organization's existence

Description: FulcrumSec Claims Breach of LexisNexis, Exposing 2GB of Sensitive Legal Data

On March 3, 2026, the threat actor FulcrumSec publicly took responsibility for a breach of LexisNexis Legal & Professional, a division of RELX Group, alleging the theft of 2.04 GB of structured data from the company’s AWS cloud infrastructure. The attack, which began on February 24, exploited the React2Shell vulnerability in an unpatched React frontend application, a flaw reportedly left unaddressed for months. FulcrumSec gained access via the compromised LawfirmsStoreECSTaskRole ECS task container, which had broad permissions, including read access to:

  • Production Redshift data warehouse
  • 17 VPC databases
  • AWS Secrets Manager
  • Qualtrics survey platform

The actor criticized LexisNexis’s security practices, highlighting that the RDS master password was set to "Lexis1234" and that a single task role had access to all AWS Secrets Manager entries, including production database credentials.

Exposed data includes:

  • 3.9 million database records
  • 400,000 cloud user profiles (names, emails, phone numbers, job functions)
  • 21,042 enterprise customer accounts
  • 45 employee password hashes
  • 118 .gov email accounts (federal judges, DOJ attorneys, U.S. SEC staff, and court law clerks)
  • 53 plaintext AWS Secrets Manager secrets
  • Complete VPC infrastructure map

FulcrumSec clarified that this breach is unrelated to the December 2024 GitHub incident, where attackers stole Social Security numbers of 364,000 individuals via a third-party development platform. The repeated compromises raise concerns about systemic security gaps in one of the world’s largest legal data repositories.

LexisNexis Legal & Professional: LexisNexis confirms data breach as hackers leak stolen files
Type: Breach
Severity: 85
Impact: 4
Seen: 2/2026
Supply Chain Source: LexisNexis
Rankiteo Explanation: Attack with significant impact with customers data leaks

Description: LexisNexis Confirms Data Breach After Hackers Exploit Unpatched React App

LexisNexis Legal & Professional, a global provider of legal, regulatory, and business analytics tools, has confirmed a data breach after hackers exploited an unpatched React frontend application to gain access to its AWS infrastructure. The incident, which occurred on February 24, was disclosed following a 2GB data leak by the threat actor FulcrumSec across underground forums.

The breach stemmed from the React2Shell vulnerability, allowing attackers to infiltrate LexisNexis’ cloud environment. While the company stated that the compromised data was "legacy and deprecated" (dating mostly from before 2020), it included customer names, user IDs, business contact details, IP addresses from surveys, and support tickets. LexisNexis emphasized that no sensitive personal or financial data (such as Social Security numbers, credit card details, or active passwords) was exposed.

However, FulcrumSec claimed to have exfiltrated 3.9 million database records, including:

  • 21,042 customer accounts
  • 5,582 attorney survey responses
  • 45 employee password hashes
  • 53 AWS Secrets Manager secrets in plaintext
  • 400,000 cloud user profiles (with names, emails, and job functions)
  • 118 .gov email accounts linked to U.S. government employees, federal judges, DOJ attorneys, and SEC staff

The hackers also accessed 536 Redshift tables and 430+ VPC database tables, along with a complete mapping of LexisNexis’ VPC infrastructure. FulcrumSec criticized the company’s security practices, noting that a single ECS task role had excessive read access, including to the production Redshift master credential.

LexisNexis stated that the intrusion was contained and that no evidence suggested product or service disruption. The company has engaged law enforcement and external cybersecurity experts to investigate and has notified affected customers.

This incident follows a 2023 breach where hackers compromised a corporate account, exposing data on 364,000 customers.

LexisNexis: LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability
Type: Breach
Severity: 85
Impact: 4
Seen: 1/2025
Supply Chain Source: NA
Rankiteo Explanation: Attack with significant impact with customers data leaks

Description: LexisNexis Breach Exposes Millions of Records Due to Unpatched React Vulnerability

A major data breach at LexisNexis, provider of legal and data analytics services to governments and corporations in over 150 countries, has exposed nearly 4 million records, including customer accounts, password hashes, and cloud infrastructure details. The attack, carried out by the hacker group FulcrumSec, exploited an unpatched React2Shell vulnerability in the company’s systems, despite a patch being available since 2025. Hackers gained access to AWS containers containing sensitive data, leveraging insecure cloud configurations to exfiltrate over 2GB of stolen information, later dumped on dark web platforms.

Exposed data included:

  • 3.9 million database records
  • 21,042 customer accounts
  • 5,582 attorney survey responses
  • 45 employee password hashes
  • 53 AWS Secrets Manager secrets in plaintext
  • Complete VPC infrastructure mapping

LexisNexis confirmed the breach but downplayed its impact, stating the compromised servers contained mostly legacy data pre-2020, such as customer names, business contact details, and support tickets. The company assured that no Social Security numbers, financial data, or active passwords were exposed. Affected customers have been notified, and law enforcement has been engaged, along with a third-party cybersecurity firm to investigate and mitigate the incident.

The breach underscores a persistent cybersecurity weakness: failure to apply critical patches. Despite the vulnerability being public for months, LexisNexis continued running an outdated React application, allowing attackers to exploit a known flaw. The incident highlights how even security-conscious organizations can fall victim to basic oversights, with potential ripple effects across government and legal sectors.

LexisNexis Risk Solutions and LexisNexis: LexisNexis Investigates Breach, Customer Data Access
Type: Breach
Severity: 85
Impact: 4
Seen: 12/2024
Supply Chain Source: NA
Rankiteo Explanation: Attack with significant impact with customers data leaks

Description: LexisNexis Confirms Data Breach Affecting Legacy Customer Data

LexisNexis, the legal and business intelligence provider, has confirmed a data breach involving legacy servers containing customer information. The incident, disclosed on Tuesday, exposed names, business contact details, user identities, product usage records, IP addresses from customer surveys, and support ticket data, though no sensitive personally identifiable information (PII) such as Social Security numbers, financial details, or active passwords was accessed.

The company stated that the breach was contained following an investigation, with no evidence of compromise to its active products or services. LexisNexis engaged an unnamed cybersecurity forensic firm and notified law enforcement, as well as affected current and former customers. The compromised servers held deprecated data from before 2020.

Threat actor FulcrumSec claimed responsibility, alleging access to LexisNexis’ Amazon Web Services (AWS) infrastructure via an unpatched React2Shell vulnerability in a frontend application. The group posted 2GB of files in underground forums, asserting that the breach impacted records from law firms, insurance companies, government agencies, and universities. FulcrumSec also claimed to have contacted LexisNexis about the incident but received no cooperation.

This is not the first breach for LexisNexis. In December 2024, its Risk Solutions division suffered an incident affecting 364,000 individuals, discovered in 2025. FulcrumSec has also taken credit for a prior breach at electronics distributor Avnet, confirmed in October. The incident follows recent high-profile cyberattacks, including the exploitation of Fortinet FortiGate firewalls, a July 2025 ransomware attack on Ingram Micro, and critical vulnerabilities in Ivanti’s mobile management tools.

LexisNexis: LexisNexis confirms data breach, says hackers hit customer and business info
Type: Breach
Severity: 85
Impact: 4
Seen: 1/2020
Supply Chain Source: NA
Rankiteo Explanation: Attack with significant impact with customers data leaks

Description: LexisNexis Data Breach: Hackers Claim Far Greater Access Than Company Admits

Cybersecurity researchers have uncovered a data breach at LexisNexis, the U.S.-based analytics firm, with hackers alleging far more extensive access than the company has acknowledged. The threat actor group *FulcrumSec* leaked 2GB of stolen files on underground forums, claiming to have exploited an unpatched React frontend application using the open-source post-exploitation tool *React2Shell*.

According to the hackers, the breach exposed hundreds of Redshift and VPC database tables, plaintext AWS Secrets Manager credentials, employee password hashes, and millions of records. Among the compromised data were details of over 100 government users, including federal judges, U.S. Department of Justice attorneys, and SEC staff, as well as approximately 400,000 cloud user profiles containing names, email addresses, phone numbers, and job functions.

LexisNexis confirmed the incident but downplayed its severity, stating that the stolen data was "legacy" and "deprecated," dating back to before 2020. The company asserted that the breach did not involve Social Security numbers, financial details, active passwords, or sensitive legal or contractual information. A spokesperson noted that the exposed data included only outdated customer names, user IDs, business contact details, and support ticket records.

FulcrumSec claimed it attempted to negotiate with LexisNexis, likely for a ransom, but the company declined to engage. LexisNexis has since stated that the attack has been contained. The discrepancy between the hackers' claims and the company’s response raises questions about the true scope of the breach and its potential impact on affected users.

Underwriter Stats for RPSS

Incidents vs Sporting Goods Industry Average (This Year)

No incidents recorded for Racquet & Paddle Sports Show in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Racquet & Paddle Sports Show in 2026.

Incident Types RPSS vs Sporting Goods Industry Avg (This Year)

No incidents recorded for Racquet & Paddle Sports Show in 2026.

Incident History — RPSS (X = Date, Y = Severity)

RPSS cyber incidents detection timeline including parent company and subsidiaries

RPSS Similar Companies

At CAE, we exist to make the world safer. We deliver cutting-edge training, simulation, and critical operations solutions to prepare aviation professionals and defence forces for the moments that matter. Every day, we empower pilots, cabin crew, maintenance technicians, airlines, business aviation o

Embraer

A global aerospace company headquartered in Brazil, Embraer has businesses in Commercial and Executive Aviation, Defense & Security, and Agricultural Aviation. The company designs, develops, manufactures and markets aircraft and systems, providing Services and Support to customer after-sales. Sinc

Airbus

Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners

Federal Aviation Administration

The FAA is on the leading edge of a new frontier in commercial space transportation, building the next generation (NextGen) of satellite-based navigation systems, and fostering the safe integration of unmanned aerial systems into our airspace. We can only dream of what the next 50 years of American

Textron

Textron Inc. is a multi-industry company that leverages its global network of aircraft, defense, industrial and finance businesses to provide customers with innovative solutions and services. Textron is known around the world for its powerful brands such as Bell, Cessna, Beechcraft, Pipistrel, Jacob

Blue Origin

We are building a road to space for the benefit of Earth, humanity’s blue origin. Our team is focused on radically reducing the cost of access to space and harnessing its vast resources while mobilizing future generations to realize this mission. Blue Origin builds reusable rocket engines, launch ve

NASA - National Aeronautics and Space Administration

For more than 60 years, NASA has been breaking barriers to achieve the seemingly impossible—from walking on the Moon to pushing the boundaries of human spaceflight farther than ever before. We work in space and around the world in laboratories and wind tunnels, on airfields and in control rooms to e

Bombardier

Bombardier is a global leader in aviation, focused on designing, manufacturing, and servicing the world's most exceptional business jets. Bombardier’s Challenger and Global aircraft families are renowned for their cutting-edge innovation, cabin design, performance, and reliability. Bombardier has a

B/E Aerospace

B/E Aerospace is now part of Rockwell Collins. With the acquisition of B/E Aerospace in April 2017, Rockwell Collins is now a world leader in designing, developing and manufacturing cabin interior products and services that deliver innovation, reliability and efficiency. Our broad range of offeri

RPSS CyberSecurity News

March 28, 2026 04:43 AM
Wilson Blade 26 V9 Tennis Racket - Junior 26 Inch Lightweight Racquet Pre-Strung For Ages 8-10

Junior Tennis Racket Wilson Blade 26 V9 Tennis Racket - Junior 26 Inch Lightweight Racquet Pre-Strung For Ages 8-10 Tennis Rackets.

March 28, 2026 03:44 AM
World No. 1 Hania ends Rachel's run in Wimbledon

KUALA LUMPUR: Rachel Arnold's run at the Optasia Championships came to an end after she was outclassed by world No. 1 Hania El Hammamy in...

March 28, 2026 02:43 AM
Sinner ousts Zverev to book Miami Open final with Lehecka

MIAMI: World number two Jannik Sinner of Italy stretched his win streak over fourth-ranked Alexander Zverev to seven matches on Friday,...

March 28, 2026 12:42 AM
Czech Lehecka beats France's Fils to reach Miami Open final

MIAMI: Czech Jiri Lehecka dominated France's Arthur Fils 6-2, 6-2 on Friday to reach the men's final at the ATP and WTA Miami Open.

March 27, 2026 05:45 PM
UEKPDM Portable Tennis Racquet Scorekeeper - ITF Conforming, Lightweight (1.9g), Mounts On Throat

ITF Conforming Score Keeper UEKPDM Portable Tennis Racquet Scorekeeper - ITF Conforming, Lightweight (1.9g), Mounts On Throat Paddle Gifts.

March 27, 2026 03:24 PM
The SoCal Padel Pioneers: How Four Founders Are Building the Future of Racquet Sports in Los Angeles

In the sprawling landscape of Los Angeles, a new rhythm is taking hold and it's the sharp, unmistakable pop of a padel ball.

March 27, 2026 01:59 PM
Belgian Icon David Goffin To Hang Up His Racquet At End Of Season

David Goffin, the first Belgian man to break into the top-10 world rankings, revealed that he will hang up his racquet at the conclusion of...

March 27, 2026 07:10 AM
Global Tennis Equipment Market to Reach $278.5 Million by 2036

The global tennis equipment market is projected to grow at a CAGR of 4.9% from 2026 to 2036, reaching $278.5 million.

March 27, 2026 04:42 AM
Notes: Racquet from 1st Djokovic US Open Win, US Women's Hockey Jerseys; NHL Star Pucks Up for Auction

Racquets from milestone moments early in Novak Djokovic's career are up for auction this weekend. Jerseys from the gold medal-winning...

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

RPSS CyberSecurity History Information

Official Website of Racquet & Paddle Sports Show

The official website of Racquet & Paddle Sports Show is http://www.racquetpaddlesportsshow.com/.

Racquet & Paddle Sports Show’s AI-Generated Cybersecurity Score

According to Rankiteo, Racquet & Paddle Sports Show’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.

How many security badges does Racquet & Paddle Sports Show have ?

According to Rankiteo, Racquet & Paddle Sports Show currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Racquet & Paddle Sports Show been affected by any supply chain cyber incidents ?

According to Rankiteo, Racquet & Paddle Sports Show has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are:

  • Amazon Web Services (AWS) (Incident ID: RELLEX1772562253)
  • LexisNexis (Incident ID: LEX1772555037)

Does Racquet & Paddle Sports Show have SOC 2 Type 1 certification ?

According to Rankiteo, Racquet & Paddle Sports Show is not certified under SOC 2 Type 1.

Does Racquet & Paddle Sports Show have SOC 2 Type 2 certification ?

According to Rankiteo, Racquet & Paddle Sports Show does not hold a SOC 2 Type 2 certification.

Does Racquet & Paddle Sports Show comply with GDPR ?

According to Rankiteo, Racquet & Paddle Sports Show is not listed as GDPR compliant.

Does Racquet & Paddle Sports Show have PCI DSS certification ?

According to Rankiteo, Racquet & Paddle Sports Show does not currently maintain PCI DSS compliance.

Does Racquet & Paddle Sports Show comply with HIPAA ?

According to Rankiteo, Racquet & Paddle Sports Show is not compliant with HIPAA regulations.

Does Racquet & Paddle Sports Show have ISO 27001 certification ?

According to Rankiteo, Racquet & Paddle Sports Show is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Racquet & Paddle Sports Show

Racquet & Paddle Sports Show operates primarily in the Sporting Goods industry.

Number of Employees at Racquet & Paddle Sports Show

The employee count for Racquet & Paddle Sports Show is listed as None.

Subsidiaries Owned by Racquet & Paddle Sports Show

Racquet & Paddle Sports Show presently has no subsidiaries across any sectors.

Racquet & Paddle Sports Show’s LinkedIn Followers

Racquet & Paddle Sports Show’s official LinkedIn profile has approximately 276 followers.

NAICS Classification of Racquet & Paddle Sports Show

The NAICS code for Racquet & Paddle Sports Show is listed as None, which corresponds to Others.

Racquet & Paddle Sports Show’s Presence on Crunchbase

No, Racquet & Paddle Sports Show does not have a profile on Crunchbase.

Racquet & Paddle Sports Show’s Presence on LinkedIn

Yes, Racquet & Paddle Sports Show maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/racquet-and-paddle.

Cybersecurity Incidents Involving Racquet & Paddle Sports Show

As of April 04, 2026, Rankiteo reports that Racquet & Paddle Sports Show has experienced 5 cybersecurity incidents.

Number of Peer and Competitor Companies

Racquet & Paddle Sports Show has an estimated 367 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Racquet & Paddle Sports Show ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

How does Racquet & Paddle Sports Show detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through:

  • Third party assistance: external cybersecurity experts engaged; unnamed cybersecurity forensic firm; third-party cybersecurity firm engaged
  • Law enforcement notified: yes
  • Containment measures: intrusion contained; breach contained following investigation; attack contained (per company statement)
  • Communication strategy: notified affected customers; notified affected current and former customers; public statement downplaying severity; affected customers notified

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: LexisNexis Data Breach After Hackers Exploit Unpatched React App

Description: LexisNexis Legal & Professional confirmed a data breach after hackers exploited an unpatched React frontend application to gain access to its AWS infrastructure. The breach resulted in a 2GB data leak by the threat actor FulcrumSec, including legacy and deprecated customer data.

Date Detected: 2024-02-24

Type: Data Breach

Attack Vector: Exploitation of unpatched React2Shell vulnerability in frontend application

Vulnerability Exploited: React2Shell vulnerability

Threat Actor: FulcrumSec

Incident : Data Breach

Title: FulcrumSec Claims Breach of LexisNexis, Exposing 2GB of Sensitive Legal Data

Description: On March 3, 2026, the threat actor FulcrumSec publicly took responsibility for a breach of LexisNexis Legal & Professional, a division of RELX Group, alleging the theft of 2.04 GB of structured data from the company’s AWS cloud infrastructure. The attack exploited the React2Shell vulnerability in an unpatched React frontend application, gaining access via the compromised LawfirmsStoreECSTaskRole ECS task container with broad permissions. Exposed data includes 3.9 million database records, 400,000 cloud user profiles, 21,042 enterprise customer accounts, 45 employee password hashes, 118 .gov email accounts, and 53 plaintext AWS Secrets Manager secrets.

Date Detected: 2026-02-24

Date Publicly Disclosed: 2026-03-03

Type: Data Breach

Attack Vector: Exploitation of unpatched vulnerability (React2Shell)

Vulnerability Exploited: React2Shell vulnerability in React frontend application

Threat Actor: FulcrumSec

Incident : Data Breach

Title: LexisNexis Data Breach Affecting Legacy Customer Data

Description: LexisNexis, the legal and business intelligence provider, confirmed a data breach involving legacy servers containing customer information. The incident exposed names, business contact details, user identities, product usage records, IP addresses from customer surveys, and support ticket data. No sensitive personally identifiable information (PII) such as Social Security numbers, financial details, or active passwords was accessed.

Date Publicly Disclosed: 2025-07-30

Type: Data Breach

Attack Vector: Unpatched React2Shell vulnerability in a frontend application

Vulnerability Exploited: React2Shell

Threat Actor: FulcrumSec

Incident : Data Breach

Title: LexisNexis Data Breach: Hackers Claim Far Greater Access Than Company Admits

Description: Cybersecurity researchers uncovered a data breach at LexisNexis, with hackers alleging far more extensive access than the company acknowledged. The threat actor group FulcrumSec leaked 2GB of stolen files, claiming to have exploited an unpatched React frontend application using the open-source post-exploitation tool React2Shell. The breach exposed hundreds of Redshift and VPC database tables, plaintext AWS Secrets Manager credentials, employee password hashes, and millions of records, including details of over 100 government users and approximately 400,000 cloud user profiles. LexisNexis confirmed the incident but downplayed its severity, stating the stolen data was 'legacy' and 'deprecated.'

Type: Data Breach

Attack Vector: Exploitation of unpatched React frontend application (React2Shell)

Vulnerability Exploited: Unpatched React frontend application

Threat Actor: FulcrumSec

Motivation: Likely financial (ransom negotiation attempted)

Incident : Data Breach

Title: LexisNexis Breach Exposes Millions of Records Due to Unpatched React Vulnerability

Description: A major data breach at LexisNexis, a provider of legal and data analytics services to governments and corporations in over 150 countries, has exposed nearly 4 million records, including customer accounts, password hashes, and cloud infrastructure details. The attack exploited an unpatched React2Shell vulnerability in the company’s systems, leading to the exfiltration of over 2GB of stolen information, later dumped on dark web platforms.

Type: Data Breach

Attack Vector: Unpatched Vulnerability (React2Shell)

Vulnerability Exploited: React2Shell

Threat Actor: FulcrumSec

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Unpatched React frontend application, LawfirmsStoreECSTaskRole ECS task container, AWS infrastructure via unpatched React2Shell vulnerability, Unpatched React frontend application and Unpatched React2Shell vulnerability.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach LEX1772555037

Data Compromised: 2GB of data leaked, including customer names, user IDs, business contact details, IP addresses, survey responses, support tickets, employee password hashes, AWS Secrets Manager secrets, cloud user profiles, and government email accounts

Systems Affected: AWS infrastructure, ECS task roles, Redshift tables, VPC database tables

Downtime: No evidence of product or service disruption

Operational Impact: Contained intrusion, no service disruption reported

Identity Theft Risk: Potential risk due to exposed personal and business contact details

Payment Information Risk: No sensitive financial data exposed

Incident : Data Breach RELLEX1772562253

Data Compromised: 2.04 GB of structured data

Systems Affected: AWS cloud infrastructure, Production Redshift data warehouse, 17 VPC databases, AWS Secrets Manager, Qualtrics survey platform

Brand Reputation Impact: Systemic security gaps concerns

Identity Theft Risk: High (exposure of PII, .gov email accounts, and password hashes)

Incident : Data Breach LEX1772584112

Data Compromised: Names, business contact details, user identities, product usage records, IP addresses, support ticket data

Systems Affected: Legacy servers (deprecated data from before 2020)

Incident : Data Breach LEX1772641919

Data Compromised: 2GB of stolen files, including database tables, AWS Secrets Manager credentials, employee password hashes, and millions of records

Systems Affected: Redshift databases, VPC databases, AWS Secrets Manager

Brand Reputation Impact: Potential reputational damage due to discrepancy in breach scope

Identity Theft Risk: High (exposure of names, email addresses, phone numbers, and job functions)

Incident : Data Breach LEX1772815548

Data Compromised: 3.9 million database records, 21,042 customer accounts, 5,582 attorney survey responses, 45 employee password hashes, 53 AWS Secrets Manager secrets, VPC infrastructure mapping

Systems Affected: AWS containers, legacy servers

Brand Reputation Impact: Potential ripple effects across government and legal sectors

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customer Names, User IDs, Business Contact Details, IP Addresses, Survey Responses, Support Tickets, Employee Password Hashes, AWS Secrets Manager Secrets, Cloud User Profiles, Government Email Accounts; Database Records, Cloud User Profiles, Enterprise Customer Accounts, Employee Password Hashes, Government Email Accounts, AWS Secrets Manager Secrets, VPC Infrastructure Map; Legacy customer data; Database Tables, AWS Secrets Manager Credentials, Employee Password Hashes, User Profiles; Customer Accounts, Password Hashes, Cloud Infrastructure Details, Attorney Survey Responses and AWS Secrets Manager Secrets.

Which entities were affected by each incident ?

Incident : Data Breach LEX1772555037

Entity Name: LexisNexis Legal & Professional

Entity Type: Corporation

Industry: Legal, Regulatory, and Business Analytics

Location: Global

Customers Affected: 21,042 customer accounts, 118 .gov email accounts (U.S. government employees, federal judges, DOJ attorneys, SEC staff)

Incident : Data Breach RELLEX1772562253

Entity Name: LexisNexis Legal & Professional (RELX Group)

Entity Type: Corporation

Industry: Legal Data & Analytics

Customers Affected: 21,042 enterprise customer accounts, 118 .gov email accounts (federal judges, DOJ attorneys, U.S. SEC staff, court law clerks)

Incident : Data Breach LEX1772584112

Entity Name: LexisNexis

Entity Type: Corporation

Industry: Legal and Business Intelligence

Customers Affected: Current and former customers (law firms, insurance companies, government agencies, universities)

Incident : Data Breach LEX1772641919

Entity Name: LexisNexis

Entity Type: Analytics Firm

Industry: Legal and Business Analytics

Location: U.S.

Customers Affected: Over 100 government users (federal judges, U.S. Department of Justice attorneys, SEC staff) and approximately 400,000 cloud user profiles

Incident : Data Breach LEX1772815548

Entity Name: LexisNexis

Entity Type: Corporation

Industry: Legal and Data Analytics

Location: Global (150+ countries)

Customers Affected: 21,042 customer accounts

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach LEX1772555037

Third Party Assistance: External cybersecurity experts engaged

Law Enforcement Notified: Yes

Containment Measures: Intrusion contained

Communication Strategy: Notified affected customers

Incident : Data Breach LEX1772584112

Third Party Assistance: Unnamed cybersecurity forensic firm

Law Enforcement Notified: Yes

Containment Measures: Breach contained following investigation

Communication Strategy: Notified affected current and former customers

Incident : Data Breach LEX1772641919

Containment Measures: Attack contained (per company statement)

Communication Strategy: Public statement downplaying severity

Incident : Data Breach LEX1772815548

Third Party Assistance: Third-party cybersecurity firm engaged

Law Enforcement Notified: Yes

Communication Strategy: Affected customers notified

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through External cybersecurity experts engaged, Unnamed cybersecurity forensic firm, Third-party cybersecurity firm engaged.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach LEX1772555037

Type of Data Compromised: Customer names, User IDs, Business contact details, IP addresses, Survey responses, Support tickets, Employee password hashes, AWS Secrets Manager secrets, Cloud user profiles, Government email accounts

Number of Records Exposed: 3.9 million database records

Sensitivity of Data: Legacy and deprecated data (mostly pre-2020), no sensitive personal or financial data exposed

Data Exfiltration: Yes, 2GB of data leaked

Personally Identifiable Information: Names, business contact details, IP addresses, government email accounts

Incident : Data Breach RELLEX1772562253

Type of Data Compromised: Database records, Cloud user profiles, Enterprise customer accounts, Employee password hashes, Government email accounts, AWS Secrets Manager secrets, VPC infrastructure map

Number of Records Exposed: 3.9 million database records, 400,000 cloud user profiles

Sensitivity of Data: High (PII, .gov accounts, plaintext secrets, password hashes)

Data Exfiltration: 2.04 GB of data stolen

Personally Identifiable Information: Names, emails, phone numbers, job functions, .gov email accounts

Incident : Data Breach LEX1772584112

Type of Data Compromised: Legacy customer data

Sensitivity of Data: Non-sensitive PII (no Social Security numbers, financial details, or active passwords)

Data Exfiltration: 2GB of files posted in underground forums

Personally Identifiable Information: Names, business contact details, user identities, IP addresses

Incident : Data Breach LEX1772641919

Type of Data Compromised: Database tables, AWS Secrets Manager credentials, Employee password hashes, User profiles

Number of Records Exposed: Millions of records (including ~400,000 cloud user profiles)

Sensitivity of Data: High (government users, plaintext credentials, PII)

Data Exfiltration: 2GB of files leaked on underground forums

Personally Identifiable Information: Names, Email addresses, Phone numbers, Job functions

Incident : Data Breach LEX1772815548

Type of Data Compromised: Customer accounts, Password hashes, Cloud infrastructure details, Attorney survey responses, AWS Secrets Manager secrets

Number of Records Exposed: 3.9 million

Sensitivity of Data: Legacy data (pre-2020), including customer names, business contact details, and support tickets. No Social Security numbers, financial data, or active passwords exposed.

Data Exfiltration: 2GB of stolen information dumped on dark web platforms

Personally Identifiable Information: Customer names, business contact details

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through the following containment measures: intrusion contained, breach contained following investigation and attack contained (per company statement).

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Data Breach LEX1772555037

Data Exfiltration: Yes

Incident : Data Breach RELLEX1772562253

Data Exfiltration: Yes

Incident : Data Breach LEX1772641919

Ransom Paid: No (company declined to engage)

Data Exfiltration: Yes

Incident : Data Breach LEX1772815548

Data Exfiltration: Yes

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : Data Breach LEX1772815548

Lessons Learned: Failure to apply critical patches and persistent cybersecurity weaknesses due to outdated software.

What recommendations were made to prevent future incidents ?

Incident : Data Breach LEX1772815548

Recommendations: Apply critical patches promptly, enhance cloud security configurations, and conduct regular vulnerability assessments.

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are Failure to apply critical patches and persistent cybersecurity weaknesses due to outdated software.

What recommendations has the company implemented to improve cybersecurity ?

Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Apply critical patches promptly, enhance cloud security configurations, and conduct regular vulnerability assessments.

References

Where can I find more information about each incident ?

Incident : Data Breach LEX1772555037

Source: Cyber Incident Description

Incident : Data Breach RELLEX1772562253

Source: Cyber Incident Description

Incident : Data Breach LEX1772584112

Source: LexisNexis Public Disclosure

Incident : Data Breach LEX1772584112

Source: FulcrumSec Claims

Incident : Data Breach LEX1772641919

Source: Cybersecurity researchers / Underground forums

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following sources: Cyber Incident Description, Cyber Incident Description, LexisNexis Public Disclosure, FulcrumSec Claims, and Cybersecurity researchers / Underground forums.

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach LEX1772555037

Investigation Status: Ongoing

Incident : Data Breach LEX1772584112

Investigation Status: Contained

Incident : Data Breach LEX1772641919

Investigation Status: Contained (per company statement)

Incident : Data Breach LEX1772815548

Investigation Status: Ongoing

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified affected customers, Notified affected current and former customers, Public statement downplaying severity and Affected customers notified.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach LEX1772555037

Customer Advisories: Affected customers notified

Incident : Data Breach LEX1772584112

Customer Advisories: Notified affected current and former customers

Incident : Data Breach LEX1772815548

Customer Advisories: Affected customers notified

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Affected customers notified, Notified affected current and former customers and Affected customers notified.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach LEX1772555037

Entry Point: Unpatched React frontend application

High Value Targets: AWS Secrets Manager secrets, Redshift tables, VPC infrastructure

Data Sold on Dark Web: AWS Secrets Manager secrets, Redshift tables, VPC infrastructure

Incident : Data Breach RELLEX1772562253

Entry Point: LawfirmsStoreECSTaskRole ECS task container

Incident : Data Breach LEX1772584112

Entry Point: AWS infrastructure via unpatched React2Shell vulnerability

Incident : Data Breach LEX1772641919

Entry Point: Unpatched React frontend application

High Value Targets: Government Users, Cloud User Profiles

Data Sold on Dark Web: Government Users, Cloud User Profiles

Incident : Data Breach LEX1772815548

Entry Point: Unpatched React2Shell vulnerability

High Value Targets: AWS containers, legacy servers

Data Sold on Dark Web: AWS containers, legacy servers

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach LEX1772555037

Root Causes: Unpatched React2Shell vulnerability, excessive read access in ECS task role

Incident : Data Breach RELLEX1772562253

Root Causes: Unpatched React2Shell vulnerability, Over-permissive ECS task role, Weak RDS master password (Lexis1234), Single task role with access to all AWS Secrets Manager entries

Incident : Data Breach LEX1772584112

Root Causes: Unpatched React2Shell vulnerability in a frontend application

Incident : Data Breach LEX1772641919

Root Causes: Unpatched vulnerability in React frontend application

Incident : Data Breach LEX1772815548

Root Causes: Unpatched React2Shell vulnerability, insecure cloud configurations

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as External cybersecurity experts engaged, Unnamed cybersecurity forensic firm, Third-party cybersecurity firm engaged.

Additional Questions

General Information

Has the company ever paid ransoms ?

Ransom Payment History: The company has paid ransoms in the past.

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was FulcrumSec.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2024-02-24.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-07-30.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were 2GB of data leaked, including customer names, user IDs, business contact details, IP addresses, survey responses, support tickets, employee password hashes, AWS Secrets Manager secrets, cloud user profiles, and government email accounts, 2.04 GB of structured data, Names, business contact details, user identities, product usage records, IP addresses, support ticket data, 2GB of stolen files, including database tables, AWS Secrets Manager credentials, employee password hashes, and millions of records, 3.9 million database records, 21,042 customer accounts, 5,582 attorney survey responses, 45 employee password hashes, 53 AWS Secrets Manager secrets and VPC infrastructure mapping.

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant systems affected in an incident were AWS cloud infrastructure, Production Redshift data warehouse, 17 VPC databases, AWS Secrets Manager, Qualtrics survey platform; and Redshift databases, VPC databases, AWS Secrets Manager.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was External cybersecurity experts engaged, Unnamed cybersecurity forensic firm, Third-party cybersecurity firm engaged.

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Intrusion contained, Breach contained following investigation and Attack contained (per company statement).

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 2GB of data leaked, including customer names, user IDs, business contact details, IP addresses, survey responses, support tickets, employee password hashes, AWS Secrets Manager secrets, cloud user profiles, and government email accounts, 3.9 million database records, 21,042 customer accounts, 5,582 attorney survey responses, 45 employee password hashes, 53 AWS Secrets Manager secrets, VPC infrastructure mapping, 2GB of stolen files, including database tables, AWS Secrets Manager credentials, employee password hashes, and millions of records, 2.04 GB of structured data, Names, business contact details, user identities, product usage records, IP addresses and support ticket data.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 12.5M.

Ransomware Information

What was the highest ransom paid in a ransomware incident ?

Highest Ransom Paid: No ransom was paid in a ransomware incident (company declined to engage).

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was Failure to apply critical patches and persistent cybersecurity weaknesses due to outdated software.

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was: Apply critical patches promptly, enhance cloud security configurations, and conduct regular vulnerability assessments.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are Cybersecurity researchers / Underground forums, FulcrumSec Claims, LexisNexis Public Disclosure and Cyber Incident Description.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisories issued were: Affected customers notified, Notified affected current and former customers and Affected customers notified.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry points used by an initial access broker were: AWS infrastructure via unpatched React2Shell vulnerability, Unpatched React2Shell vulnerability, LawfirmsStoreECSTaskRole ECS task container and Unpatched React frontend application.

Post-Incident Analysis

What was the most significant root cause identified in post-incident analysis ?

Most Significant Root Cause: The most significant root causes identified in post-incident analysis were: Unpatched React2Shell vulnerability, excessive read access in ECS task role; Unpatched React2Shell vulnerability, Over-permissive ECS task role, Weak RDS master password (Lexis1234), Single task role with access to all AWS Secrets Manager entries; Unpatched React2Shell vulnerability in a frontend application; Unpatched vulnerability in React frontend application; Unpatched React2Shell vulnerability, insecure cloud configurations.


Latest Global CVEs (Not Company-Specific)

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. When a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=racquet-and-paddle' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.