PR Newswire Data Breach Linked to Adobe and LexisNexis Intrusions

Oct. 21, 2013

Brian Krebs, whose investigation for his KrebsOnSecurity blog broke news of the recent breaches involving large data brokers that may have compromised the information used to perform knowledge-based authentication, says the intruders that struck LexisNexis, Dun & Bradstreet and Kroll Background America may be the same individuals that hacked Adobe’s network and, even more recently, that of news-distribution company PR Newswire.

The PR Newswire breach targeted a database holding passwords and contact information for customers to access press releases, and the data resided on the same servers that stored payment subscription data and source code stolen from Adobe , Krebs reported. Krebs had previously linked the Adobe breach to the data-broker theft .

“While there are no indications that the attackers did anything malicious with the PR Newswire data, [one security expert] said the bad guys in this case could have used it to wreak financial havoc. The company’s customer list reads like a Who’s Who of PR firms and Fortune 1000 firms.”

So far, no other payment data has been linked to the servers that stored the stolen data from LexisNexis, Dun & Bradstreet, Kroll, Adobe and PR Newswire.