LexisNexis Probe May Be Tied to Hilton Cellphone Hack

LOS ANGELES — The ongoing investigation of hackers breaking into LexisNexis’ database may be tied to the theft of celebrity contact numbers and topless photos from the cellphone of Paris Hilton, an FBI spokesman said.

Investigators last week seized computers and other evidence from several individuals as part of a nationwide probe of the LexisNexis breach, in which the hackers gained access to 310,000 personal records.

The FBI said it is investigating whether the suspects used email pretending to contain child pornography to trick people into downloading software capable of capturing passwords needed to infiltrate LexisNexis' computers.

One of the hackers posed as a T-Mobile supervisor to get another employee to reveal a password into its network to get Hilton's cellphone data, FBI officials said. Later, conspiring hackers exploited a software flaw in the system.

Earlier this year, several websites published topless Hilton photos, private notes and phone numbers of her celebrity friends.

So far three people have been served search warrants in California, Minnesota and North Carolina, according to FBI spokesman Paul Bresson, who noted that his agency is working in concert with the Secret Service over the break-ins.

According to the FBI, the LexisNexis breach was set in motion by a blast of spam that included a message urging recipients to open an attached file to view child pornography. The attachments had nothing to do with child porn but the files contained a program that allowed the hackers to record anything a recipient typed on the surfer’s computer keyboard.

A police officer in Florida was among those who opened the infected email message, according to a report in the Washington Post. Not long after his computer was infected with the keystroke-capturing program, the officer logged on to his department's account at Accurint, a LexisNexis service provided by Florida-based subsidiary Seisint Inc., which sells access to consumer data. Other police officers' login information may have been similarly stolen.

The hackers apparently then created a series of sub-accounts using the police department's name and billing information, the Post said.

Over several days, the group looked up thousands of names in the database, including friends and celebrities. The law enforcement source said members of the group eventually began selling Social Security numbers and other sensitive consumer information to a ring of identity thieves in California.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Strike 3 Holdings Sues Meta for Pirating Vixen Media Group Content to Train AI

Vixen Media Group owner Strike 3 Holdings filed suit in federal court this week, accusing Facebook parent company Meta of copyright infringement and alleging that Meta has extensively pirated VMG content to train its artificial intelligence models.

Pineapple Support, Streamate to Host 'Navigating Grief and Loss' Support Group

Pineapple Support and Streamate are hosting a free online support group to help performers cope with grief and loss.

Friday is Final AV Compliance Deadline in UK

Friday, July 25 marks U.K. media regulator Ofcom’s deadline for user-to-user services such as tube, cam and fan sites to implement its requisite “highly effective age assurance” measures for preventing minors from viewing adult content.

AEBN Publishes Popular Searches for May, June

AEBN has released the top search terms for the months of May and June from its straight and gay theaters in all 50 states and the District of Columbia.

Ofcom Releases Transparency Reporting Guidelines

Ofcom, the U.K. media regulator, has made public its official guidance detailing how online service providers — including adult sites — will be required to publish annual transparency reports on their efforts to protect children from online harms.

New AV Rules Take Effect for Ireland-Based Sites

Ireland’s Online Safety Code came into force Monday, including a provision requiring adult sites headquartered in Ireland to implement age assurance measures beyond self-declaration.

XBIZ Amsterdam Calls on New Startups for 'Spotlight' Program

XBIZ is pleased to announce that its new “Startup Spotlight” programming will make its European premiere at XBIZ Amsterdam 2025, set to take place Sept. 2-5 at the Jakarta Hotel Amsterdam.

Texas Resumes AV Lawsuit Against Aylo Following SCOTUS Decision

A district court judge in Texas has unfrozen the state’s $1.6 million lawsuit against Aylo for allegedly failing to comply with age verification requirements, Bloomberg Law is reporting.

JuicyAds Wins Trademark Infringement Case Against Fraudulent Domain

JuicyAds has won its World Intellectual Property Organization (WIPO) case against a website using a similar domain to impersonate the company's site and defraud customers.

Anissa Kate, Jordan Starr Top AEBN for Q2 of 2025

AEBN has published its top-selling stars for the second quarter of 2025, with Anissa Kate landing atop the leaderboard for straight theaters and Jordan Starr heading up the gay rankings.

Show More