*NEW* Protect Your Privacy - LexisNexis Data and Other Breaches: Exposing Vulnerabilities in a Data-Driven World

 

A History of Exposure and Consumer Privacy Risks

LexisNexis, a global data analytics giant under RELX, aggregates vast amounts of personal information—estimated at 80 billion records—making it a prime target for cyberattacks and a focal point for privacy concerns. Over the years, the company has faced several documented data breaches and security incidents that have exposed sensitive consumer data, including Social Security Numbers (SSNs), addresses, and more. Below is an overview of these incidents, their impacts, and steps consumers can take to protect their privacy, alongside examples of other businesses recently affected by breaches.

Documented Data Breaches

1. 2005 Seisint Breach

   • Details: In March 2005, LexisNexis disclosed a breach involving its Seisint division, acquired in 2004. Hackers accessed personal data—names, addresses, Social Security Numbers (SSNs), and driver’s license numbers—of approximately 32,000 individuals. By April, the scope expanded to 310,000 affected individuals across 59 separate incidents. Unauthorized users exploited legitimate customer credentials, weak passwords, or malware to infiltrate the system.

   • Impact: No direct identity theft cases were linked to this breach, but it fueled public outrage and calls for regulation of the data-broker industry. Affected individuals received free credit monitoring and fraud insurance for a year.

   • Context: This incident followed a similar breach at ChoicePoint, amplifying scrutiny on data aggregators. The U.S. Secret Service investigated, but specifics remain limited.

   • Source: CSO Online - "The 18 Biggest Data Breaches of the 21st Century" (Accessed March 23, 2025 - link confirmed working).

2. 2013 SNSDOB Hack

   • Details: Cybersecurity journalist Brian Krebs reported that a crime group, SNSDOB, infiltrated LexisNexis and other data brokers (e.g., Dun & Bradstreet, Kroll Background America) around 2013. The breach exposed "knowledge-based authentication" (KBA) data—personal details used for identity verification, such as past addresses or maiden names.

   • Impact: Unlike credit card breaches with immediate fraud detection, this data’s sale on the dark web posed long-term risks, like fraudulent loans or account takeovers, which lack robust consumer protections. The exact number of affected individuals wasn’t specified, but the breach highlighted vulnerabilities in LexisNexis’s security.

   • Context: The stolen data fed an identity theft service, underscoring how data brokers can inadvertently arm criminals when compromised.

   • Source: Krebs on Security - "Data Broker Giants Hacked by ID Theft Service" (Accessed March 23, 2025 - link confirmed working).

3. Healthcare Payer Study (2022 Insight, Not a Breach)

   • Details: While not a specific breach, a 2022 LexisNexis Risk Solutions study revealed that 49% of surveyed healthcare payers (41 of the top 100) experienced a data breach in the prior five years, averaging 12,000 compromised records per incident. Though not directly tied to LexisNexis’s systems, this reflects the broader ecosystem where its data circulates.

   • Impact: Costs averaged $5.39 million per breach, with reputational damage and member loss reported by 85% and 55% of affected payers, respectively. This suggests that breaches involving LexisNexis-supplied data could have cascading effects.

   • Source: LexisNexis Risk Solutions - "2022 Healthcare Payer Study" (Accessed March 23, 2025 - link confirmed working).

---

Alleged Incidents and Lawsuits

1. 2022 Illinois Lawsuit

   • Details: Immigration advocates sued LexisNexis, alleging it illegally collected and sold personal data under Illinois’s Biometric Information Privacy Act (BIPA). The lawsuit claimed its Accurint tool enabled warrantless surveillance by ICE, compromising data like SSNs and addresses. While not a traditional breach, it highlighted risks of data exposure through legal sales.

   • Source: LexisNexis Wikipedia - "Controversies" (Accessed March 23, 2025 - link confirmed working).

2. 2024 New Jersey Class Action

   • Details: Over 18,000 law enforcement personnel accused LexisNexis of retaliating against data removal requests by freezing their credit and falsely reporting them as identity theft victims. This wasn’t a breach but suggested mishandling of sensitive data, potentially exposing it further.

   • Source: The Record - "LexisNexis Sued Over Alleged Retaliation Against Cops" (Accessed March 23, 2025 - link confirmed working

---

Broader Vulnerabilities

1. GM Telematics Case (2024)

   • Details: A class action against General Motors and LexisNexis alleged that driving data (e.g., speeding incidents) from GM’s OnStar was shared with LexisNexis without clear consent, impacting insurance rates. This isn’t a breach but shows how LexisNexis’s data aggregation can amplify privacy risks when sourced from third parties.

   • Source: Tech.co - "Data Breaches That Have Happened in 2024 & 2025" (Accessed March 23, 2025 - link confirmed working).

2. Underground Data Sales

   • Details: Krebs’s investigations revealed LexisNexis data appearing in cybercrime markets, often from breaches or social engineering, though pinpointing exact incidents is challenging due to the opaque nature of such leaks.

   • Source: Krebs on Security - "Data Broker Giants Hacked by ID Theft Service" (Accessed March 23, 2025 - link confirmed working).

Analysis and Implications

• Scale and Scope: The 2005 breach alone affected over 310,000 people, and subsequent incidents suggest ongoing vulnerabilities. LexisNexis’s vast database—estimated at 80 billion records—makes it a prime target, with each breach potentially exposing millions of data points.

• Security Weaknesses: Past breaches exploited weak passwords and stolen credentials, indicating that LexisNexis’s security relied heavily on client-side protections, which often failed. Modern tools like ThreatMetrix aim to address this, but historical incidents reveal gaps.

• Consumer Impact: Unlike credit card breaches, where banks mitigate losses, LexisNexis breaches involving SSNs or KBA data can lead to untraceable, long-term harm—e.g., drained 401(k)s or denied loans—leaving victims with little recourse.

• Regulatory Pressure: The 2005 incident spurred legislative proposals (e.g., Schumer-Nelson bill to ban SSN sales), and recent lawsuits reflect growing demands for accountability. However, data brokers remain lightly regulated, amplifying breach risks.

Lack of Recent Specifics

Post-2013, no major, publicly detailed breaches directly tied to LexisNexis’s core systems have surfaced in accessible records up to March 23, 2025. This could indicate improved security—or simply less public disclosure. Smaller incidents or breaches via partners (e.g., healthcare payers) may go unreported unless legally mandated.

---

Recent Data Breaches at Other Businesses (2024-2025)

1. Financial Business and Consumer Solutions (FBCS) - 2024

   • Details: Initially reported in April 2024 as affecting 1.9 million, the breach’s scope was revised to 4.2 million by late 2024. Hackers stole names, SSNs, birth dates, and driver’s license numbers from this debt collection firm.

   • Source: Tech.co - "FBCS Data Breach Update" (Accessed March 23, 2025 - link confirmed working).

2. Disney - 2024

   • Details: In July 2024, the “NullBulge” hacking group stole 1.2 TB of internal Slack messages from Disney, including employee communications, via cookie hacking. This exposed sensitive corporate data.

   • Source: Wired - "Disney Data Breach" (Accessed March 23, 2025 - link confirmed working).

3. Roku - 2024

   • Details: In March 2024, Roku disclosed a breach affecting 576,000 customers. Hackers accessed account details, though no SSNs were reported stolen in this instance.

   • Source: Roku - "Roku Data Breach" (Accessed March 23, 2025 - link confirmed working).

4. Lexipol - 2025

   • Details: On February 18, 2025, Lexipol, a public safety policy provider, suffered a breach of 672,000 email addresses, names, phone numbers, and password hashes, claimed by the "Puppygirl Hacker Polycule." Reported via X by @haveibeenpwned

   • Source: Have I Been Pwned - "Lexipol Breach" (Accessed March 23, 2025 - link confirmed working).

---

Consumer Actions to Protect Privacy

Given LexisNexis’s breaches and the rising tide of data incidents, consumers can take proactive steps to safeguard their information:

1. Request Your LexisNexis Report

   • Under the Fair Credit Reporting Act (FCRA), you’re entitled to a free annual consumer disclosure report from LexisNexis. Review it for errors and dispute inaccuracies.

   • How: Visit LexisNexis Consumer Disclosure or call 1-866-312-8076 (Accessed March 23, 2025 - link confirmed working).

2. Freeze Your Credit

   • Place a credit freeze with Equifax, Experian, and TransUnion to prevent unauthorized accounts from being opened in your name. It’s free and doesn’t affect your credit score.

   • Resources: Federal Trade Commission - "Credit Freeze" (Accessed March 23, 2025 - link confirmed working).

3. Monitor Financial Accounts

   • Regularly check bank and credit card statements for suspicious activity. Sign up for free weekly credit reports at AnnualCreditReport.com (Accessed March 23, 2025 - link confirmed working).

4. Use Strong, Unique Passwords

   • Employ a password manager and enable two-factor authentication (2FA) on all accounts to reduce risks from stolen credentials, as seen in the 2005 LexisNexis breach.

5. Opt Out of Data Sharing

   • LexisNexis allows limited opt-out options for marketing data. Submit a request via their Privacy Opt-Out Form (Accessed March 23, 2025 - link confirmed working).

6. Stay Vigilant for Phishing

   • Post-breach, watch for phishing attempts via email or phone exploiting leaked data. Don’t click unsolicited links or share personal details.

---

Conclusion

LexisNexis’s data breaches, notably in 2005 and 2013, exposed hundreds of thousands to identity theft risks, driven by inadequate safeguards and the sheer volume of data it holds. While the company has since bolstered its offerings with fraud prevention tools, its role as a data aggregator keeps it in the crosshairs of hackers and critics. Individuals can request their Consumer Disclosure Report to check for errors via LexisNexis Consumer Disclosure (Accessed March 23, 2025 - link confirmed working). The broader challenge persists: a system where vast, unverified data troves invite exploitation, often beyond public view until the damage is done.

---

Follow me on X All truths are easy to understand once they are discovered; the point is to discover them.-Galileo

Disclaimer, rights of logos placed here are for recognition for the blind or eyesight problems on this blog. 😎 Be sure to click on all the Blue Links.

If you find any errors please let me know. I am not funded by anyone for any opinions I may have. You can buy me a coffee here and it's very much appreciated. Thank you!

THE DATA MINING OF AMERICA’S KIDS SHOULD BE A NATIONAL SCANDAL

Dare to Ask and Challenge!

The Data Mining of America’s Kids Should Be a National Scandal 

By Asra Q. Nomani & Erika SanziOctober 27, 2021

As U.S. Attorney General Merrick Garland sat down for his first hearing before the House Judiciary Committee, denying a conflict of interest in his decision to investigate parents for “domestic terrorism,” there is a mother in the quiet suburb of Annandale, N.J., who found his answers lacking. And she has questions she wants asked at Garland’s hearing with the Senate Judiciary Committee this Wednesday.

On a recent Saturday night, Caroline Licwinko, a mother of three, a law school student and the coach to her daughter’s cheerleading squad, sat in front of her laptop and tapped three words into an internet search engine: “Panorama. Survey. Results.” 

Within three clicks, Licwinko was in an online “dashboard” created by Panorama Education Inc., a government contractor hired by school districts to gauge their students’ “social and emotional learning.” However, Panorama digs far deeper than whether students might feel depressed or lonely, raising serious public policy questions. It asks all kinds of prying questions, including gender and sexual orientation and views on racial issues. Licwinko and her husband, Eric, became concerned in September when their sons’ school, North Hunterdon High School, told parents they were sending students a Panorama survey. Although they opted their sons out, as parents are ostensibly allowed to do, their sons were sent the survey anyway. What’s more, a school official confirmed to them, the private information of all students – including whether they receive special education services and free and reduced meals – was sent across four state lines to Panorama, based in Boston. Last week, Panorama refused to give the Licwinkos the data the company received on their children.

“They are data mining and psychologically profiling our kids. The questions they are asking are absolutely inappropriate in a school setting,” says Licwinko. “Schools have sold our children’s privacy to a data analytics company that is tracking attendance, behavior, and family’s financial status.”  

Raising questions at the House hearing about a possible conflict of interest, Garland’s son-in-law is a co-founder of Panorama, and Facebook founder Mark Zuckerberg and other big-name venture capitalists from Big Tech are investors.

School districts defend the decision to hire companies like Panorama, claiming that addressing students’ “social and emotional learning” helps identify struggling kids through another sales product, the “Early Warning System,” that gives students a rating based on algorithms. But concerned parents see the surveys as fishing expeditions that violate privacy and give activist school boards cover to infuse curricula with divisive ideology, from “queer theory” to critical race theory, which teaches that society’s ills must be viewed primarily through the lens of race. 

The private information of students that is being exploited is startling. In Licwinko’s search, Portland Public Schools popped up from Oregon. Panorama surveyed students, teachers, and parents in 2019 in 102 schools in the school district. Clicking on “Background Questions” at Alliance High School at Meek Campus, Licwinko saw there were 15 respondents in ninth and tenth grades, and five students responded they were a “Girl / Woman.” Nine said they were “Boy / Man.” One student responded, “Nonbinary.”  

To a question, “Are you transgender?” Fourteen said, “No, I am not transgender.” One did not respond.  

Next, she read the answers to the question: “How do you describe your sexual orientation?”  

Nine students said, “Heterosexual / Straight.” Zero students said “Lesbian,” “Bisexual / Pansexual,” “Queer,” or “Questioning / not sure.” One student said, “Gay.” She also learned students’ feelings about a “Sense of Belonging.” 

This data collection isn’t limited to students. Licwinko discovered that 4,191 parents in Portland Public Schools said they were “Heterosexual / Straight,” and 16 parents said they were “Questioning / not sure.” Of the teachers and staff, 67 said they were “Bisexual / Pansexual.” 

This mom’s discoveries are just the tip of the iceberg, offering a glimpse of how agenda-driven companies like Panorama are data mining and exploiting America’s children for profit. 

Over the past four months, at Parents Defending Education, an advocacy group formed earlier this year to give parents a voice in these matters, we filed 207 requests with public school systems under the Freedom of Information Act and other laws, identifying 122 consultants in a new Consultant Report Card we have published today, with 249 contracts that add up to $19,575,169.45 spent for consultants who teach lessons like, “Defining the ‘N’ word,” including to “3-5 years old” kids, according to a copy of the contract. Earlier this month, we sent a letter to Sen. Richard Blumenthal, chair of the U.S. Senate Committee on Commerce, Science, and Transportation, and Sen. Marsha Blackburn, ranking members of the committee, requesting a hearing on Big Tech’s data mining of America’s children. 

One of the biggest contractors is Panorama, a company started in 2013 by two then-Yale undergraduates. Today, they boast they are in 23,000 schools and have statewide contracts in nine states (including Hawaii and Iowa) and the entire District of Columbia. Parents like Licwinko are very concerned Panorama skirt federal and state student privacy laws, including the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), and the Children’s Online Privacy Protection Act (COPPA).  

For example, in Fairfax County, Va., the fine print in the Panorama contract gives new powers for company staff as “school officials.” This contract ought to be considered a clear violation of privacy laws protecting children, especially the strictest laws protecting children under the age of 13. Panorama and Portland Public Schools didn’t respond to requests for comment. 

Across the country, parents have been complaining to school boards about the intrusive surveys their children are getting. In Arlington, Va., last week, a father learned that his school district and Panorama only seek “passive parent consent.”

“The data mining of America’s kids should be a national scandal,” says Jennifer McWilliams, a former teacher in Frankton, Ind., and mother investigating the semantic game of “social and emotional learning” and “equity” used as a Trojan horse for consultants with innocuous names like Pacific Educational Group Inc. and Collaborative for Academic, Social and Emotional Learning, or CASEL. Some, like CASEL, are nonprofits that operate like for-profit companies, with high-profile funders, including Microsoft founder Bill Gates. 

In early September, a northern Virginia mother tipped us off to the contract, now worth $2.4 million, that Fairfax County Public Schools signed with Panorama. “Our children = lab rats,” she wrote. Mom Tiffany McCaslin soon learned the school system had sent her daughter’s personal data to Panorama even though she opted her out of the survey. “It’s criminal,” says McCaslin. Indeed, we’ve now learned some children were given the survey even after their parents submitted opt-out forms.

The next month, at the alleged behest of the White House, facing tough political battles stoked by frustrated parents, including the Virginia governor’s race, the National Association of School Boards sent a letter to President Joe Biden, equating protests at school board meetings – carried out largely parents – to “domestic terrorism and hate crimes.” U.S. Attorney General Garland outraged many parents by marshaling the FBI to investigate them.  

In New Jersey, Licwinko’s jaw dropped when she heard that Garland’s son-in-law Alexander Tanner is a co-founder of Panorama. She wasn’t satisfied with Garland’s answer, “I don’t know,” when asked if Justice Department officials met with White House and school board officials before his memo was written. In fact, we have learned that school board association staff were speaking to White House officials for “several weeks,” according to an internal email. Further, Licwinko wasn’t convinced by Garland’s argument: “This memorandum does not relate to the financial interests of anyone.”

She wants a hearing on the data mining of students and Garland’s apparent conflict of interest. Now, she has learned another Panorama co-founder, Aaron Feuer, the CEO, is the son of Los Angeles City’s elected attorney, Michael Feuer, who is embroiled in a contracting scandal.   

Her daughter’s drawings of unicorns on her office wall, Licwinko is following the data. On her desk, she has copies of federal and state privacy laws. She runs two nonprofits helping vulnerable children. She is unrelenting. “I will not stop,” she says, “until we end this exploitation of our children.” 

Source Link  RSS Feed realcleareducation.com. If you find any error with placing the source link here please contact me to have it removed. E-mail

Now you know!

Dare - Challenge - Learn! 

Be not afraid of life. Believe that life is worth living, and your belief will help create the fact. William James - American philosopher 

Disclaimer rights of logo is owned by the companies shown throughout this blog for recognition and for the blind or eyesight problems. 👀  Some of the links listed on this blog have affiliated links. Please visit one of them to support me to continue to Dare Challenge Learn.

Beware of Hack SPYING! USB-C Cell Phone Cables Key Logging You!

 Key Logging - Privacy Invasion from Cell Phone Cables

"Hand Using Mouse at Desk with Keyboard and Cup" by Image Catalog is marked with CC0 1.0

What is Key Stroke also called Key logging?

Keystroke often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program in which you can be monitored on your computer activity and phone activity. 

Learn more about 👉Keystroke Logging

Did you get a new USB cable for your Birthday, or a Spouse or somebody who wants to spy on you? A security researcher that goes by the name MG (mg.lol/blog/) made the worlds most dangerous USB Cable and it just got better! MG showed motherboard prior in 2019 at a DEF CON hacking conference and now here is the current end product now being sold. MG focus on Apple Lightning USB cable but said the ability to do the same on other cables is possible.

MG tweeted:  OMG Cable - "The New Batch Now in USB C, the implant is much smaller, but it’s even more powerful than before. Smartphone/tablet attacks, extreme long range triggers, geofencing, etc."

As shown on a video testing the product from 300 feet away. Video & Music @KANGAkult logo & art contributions @dustrial

Vice.com Reporter Motherboard Joseph Cox spoke with MG:

• "There were people who said that Type C cables were safe from this type of implant because there isn't enough space. So, clearly, I had to prove that wrong. :)," MG told Motherboard in an online chat.
• MG said that the new cables now have geofencing features, where a user can trigger or block the device's payloads based on the physical location of the cable.
• "We tested this out in downtown Oakland and were able to trigger payloads at over 1 mile," he added.

What is Geofencing? Geofencing is a location-based service in which a creator of an app or other platform/software uses GPS, RFID, Wi-Fi or cellular data to send/trigger messages like SMS, Email or In-App/App-based notifications (pre-programmed action) when mobile devices that enter, exit, or remain parked in the geographical location. For more information visit webengage.com

Motherboard only tested the cables in relatively close proximity, but MG said they've improved the range of the cables.

As Shown on Motherboard YouTube - OMG Interface

You can visit the following website to get more info Vice.com & Motherboard YT

My personal opinion: why in the heck would anyone want to cause such damage and harm on another human being? What if some creeper wanted to Key Log your Teenage daughter or Teenage son. Me personally I have been a victim of someone who targeted me, this type of activity can lead to great harm. I can only tell you beware of who gives you anything that pertains to Cell Phones, Cables and a Computer.  As you can see by the following picture, I purchased a new cable from a legit well known store that carries major brands and when I plug my cell phone my USB-C for a ZTE and the Phone Purchased at MetroPCS, my third party cable, I get a popup screen: 

• Your device is charging slowly: 
• Use original charger and cable that came with your device. 
• Inspect and remove any visible foreign material from cable connection

I did a search and I couldn't find anything on why when I use my cable for my cell I get  popup window.  Am I hacked and tracked? Leave a comment, What do you believe this is showing and why on my cell phone ZTE.

What to do if you have been key logged and it's not detected. Me personally I would not use the Computer or Cell phone any longer and I would want to purchase everything new, it's like when you get a brand new car and someone hits it, it just isn't the same. At what cost do you want to be spied on by someone who has it out for you and then later maybe use it against you just to be evil, evil intentions! 

Here is additional information to read about Key logging on your PC and what you need to know. Please visit usa.kaspersky.com/resource-center/definitions/keylogger

Read my other Privacy Consumer Concerns on my blogger.

Read Breached, You are listed on 80 Billion records!

👇

Now you know!
Dare - Challenge - Learn! 

Be not afraid of life. Believe that life is worth living, and your belief will help create the fact. William James - American philosopher. 

Please check out our Affiliate Avid Hemp - Great Deals!

Visit our Affiliate for some Great Deal - Avid Hemp