Typically, when building, training and deploying AI, enterprises prioritize accuracy. And that, no doubt, is important; but in highly complex, nuanced industries like law, accuracy alone isn’t enough. Higher stakes mean higher standards: Models outputs must be assessed for relevancy, authority, citation accuracy and hallucination rates. 

To tackle this immense task, LexisNexis has evolved beyond standard retrieval-augmented generation (RAG) to graph RAG and agentic graphs; it has also built out “planner” and “reflection” AI agents that parse requests and criticize their own outputs. 

“There’s no such [thing] as ‘perfect AI’ because you never get 100% accuracy or 100% relevancy, especially in complex, high stake domains like legal,” Min Chen, LexisNexis’ SVP and chief AI officer, acknowledges in a new VentureBeat Beyond the Pilot podcast. 

The goal is to manage that uncertainty as much as possible and translate it into consistent customer value. “At the end of the day, what matters most for us is the quality of the AI outcome, and that is a continuous journey of experimentation, iteration and improvement,” Chen said. 

Getting ‘complete’ answers to multi-faceted questions

To evaluate models and their outputs, Chen’s team has established more than a half-dozen “sub metrics” to measure “usefulness” based on several factors — authority, citation accuracy, hallucination rates — as well as “comprehensiveness.” This particular metric is designed to evaluate whether a gen AI response fully addressed all aspects of a users’ legal questions. 

“So it’s not just about relevancy,” Chen said. “Completeness speaks directly to legal reliability.”

For instance, a user may ask a question that requires an answer covering five distinct legal considerations. Gen AI may provide a response that accurately addresses three of these. But, while relevant, this partial answer is incomplete and, from a user perspective, insufficient. This can be misleading and pose real-life risks.

Or, for example, some citations may be semantically relevant to a user’s question, but they may point to arguments or instances that were ultimately overruled in court. “Our lawyers will consider them not citable,” Chen said. “If they’re not citable, they’re not useful.”

Moving beyond standard RAG

LexisNexis launched its flagship gen AI product, Lexis+ AI — a legal AI tool for drafting, research and analysis — in 2023. It was built on a standard RAG framework and hybrid vector search that grounds responses in LexisNexis’ trusted, authoritative knowledge base. 

The company then released its personal legal assistant, Protégé, in 2024. This agent incorporates a knowledge graph layer on top of vector search to overcome a “key limitation” of  pure semantic search. Although “very good” at retrieving contextually relevant content, semantic search “doesn’t always guarantee authoritative answers,” Chen said.

Initial semantic search returns what it deems relevant content; Chen’s team then traverses those returns across a “point of law” graph to further filter the most highly authoritative documents.

Going beyond this, Chen’s team is developing agentic graphs and accelerating automation so agents can plan and execute complex multi-step tasks. 

For instance, self-directed “planner agents” for research Q&A break user questions into multiple sub-questions. Human users can review and edit these to further refine and personalize final answers. Meanwhile, a “reflection agent” handles transactional document drafting. It can “automatically, dynamically” criticize its initial draft, then incorporate that feedback and refine in real time.

However, Chen said that all of this is not to cut humans out of the mix; human experts and AI agents can “learn, reason and grow together.” “I see the future [as] a deeper collaboration between humans and AI.”

Watch the podcast to hear more about: 

• How LexisNexis’ acquisition of Henchman helped ground AI models with proprietary LexisNexis data and customer data; 

• The difference between deterministic and non-deterministic evaluation; 

• Why enterprises should identify KPIs and definitions of success before rushing to experimentation;

• The importance of focusing on a “triangle” of key components: Cost, speed and quality.

You can also listen and subscribe to Beyond the Pilot on Spotify, Apple or wherever you get your podcasts.

After years spent finding and investigating data breaches, Greg Pollock admits that when he comes across yet another exposed database full of passwords and Social Security numbers, “I come to it with some fatigue.” But Pollock, director of research at the cybersecurity company UpGuard, says he and his colleagues found an exposed, publicly accessible database online in January that appeared to contain a trove of Americans’ sensitive personal data so massive that his weariness lifted and they sprang to action to validate the finding.

The UpGuard researchers point out that not all of the records represent unique, valid information, but the raw totals they found in the January exposure included roughly 3 billion email addresses and passwords as well as about 2.7 billion records that included Social Security numbers. It was unclear who had set up the database, but it seemed to contain personal details that may have been cobbled together from multiple historic data breaches—including, perhaps, the trove from the 2024 breach of the background-checking service National Public Data. It is common for data brokers and cybercriminals to combine and recombine old datasets, but the scale and the potential quantity of Social Security numbers—even if only a fraction of them were real—was striking.

“Every week, there’s another finding where it looks big on paper, but it’s probably not very novel,” Pollock says. “So I was surprised when I started digging into the specific cases here to validate the data. In some cases, the identities in this data breach are at risk because they have been exposed, but they have not yet been exploited.”

The data was hosted by the German cloud provider Hetzner. Since Pollock could not identify an owner of the database to contact, he notified Hetzner on January 16. The company, in turn, said it notified its customer, which removed the data on January 21.

Hetzner did not provide WIRED with comment ahead of publication.

The researchers did not download the entire dataset for analysis due to its size and sensitivity. Instead they worked with a sample of 2.8 million records—a tiny fraction of the total trove. By analyzing trends in the data, including the popularity of certain cultural references in passwords, they concluded that much of the data likely dates to the United States in roughly 2015. For example, passwords referencing One Direction, Fall Out Boy, and Taylor Swift were very common. Meanwhile, references to Blackpink, Katseye, and Btsarmy were just barely beginning to show up.

Old data is still valuable for two reasons. First, people often reuse the same email address and password, or a variation of the password, across many different websites and services. This means that cybercriminals can keep trying the same login credentials for the same people over time. The second reason is that people’s Social Security numbers are often linked to their most sensitive and high-stakes data but almost never change during their lifetimes. As a result, valid SSNs are one of the crown jewels of identity theft for attackers.

In the sample of data the researchers reviewed, Pollock says that one in four Social Security numbers appeared to be valid and legitimate. The sample was too small to extrapolate to the entire dataset, but a quarter of all the records containing SSNs would be 675 million. A fraction of that would still represent a very significant set of Social Security numbers.

To verify the data, UpGuard researchers contacted a handful of people whose data appeared in the leaked trove. Pollock emphasizes that one of the most concerning findings from speaking to those individuals was that not all of them have had their identities stolen or suffered hacks. In other words, there was information in the database that has not been exploited by cybercriminals—and potential victims don’t necessarily know that their information has been exposed.

from the good-deals-on-cool-stuff dept

To completely understand computer security, it’s vital to step outside the fence and to think outside the box. Computer security is not just about firewalls, Intrusion Prevention Systems, or anti-viruses. It’s also about tricking people into doing whatever a hacker wishes. A secure system, network, or infrastructure is also about informed people. The All-in-One Super-Sized Ethical Hacking Bundle will help you learn to master ethical hacking techniques and methodologies over 14 courses. It’s on sale for $28 for a limited time.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Today, we take ice for granted. But having ice produced in your home is a relatively modern luxury. As early as 1750 BC, ancient people would find ice on mountains or in cold areas and would harvest it. They’d store it, often underground, with as much insulation as they could produce given their level of technology.

By 500 BC, people around Egypt and what is now India would place water in porous clay pots on beds of straw when the night was cold and dry. Even if the temperature didn’t freeze, the combination of evaporation and radiative cooling could produce some ice. However, this was elevated to a high art form around 400 BC by the Persians, who clearly had a better understanding of physics and thermodynamics than you’d think.

The key to Persian icemaking was yakhchāls. Not all of them were the same, but they typically consisted of an underground pit with a conical chimney structure. In addition, they often had shade walls and ice pits as well as access to a water supply.

Solar Chimney

The conical shape optimizes the solar chimney effect, where the sun heats air, which then rises. The top was typically not open, although there is some thought that translucent marble may have plugged the top to admit light while blocking airflow. yakhchālThe solar chimney produces an updraft that tends to cool the interior. The underground portion of the yakhchāl has colder air, as any hot air rises above the surface.

Insulation and Shade

The structure uses a water-resistant mortar made of sand, clay, egg whites, lime, goat hair, and ash. This has good insulating properties, although how the Persians found this recipe is a mystery. Many also had windcatcher towers that allowed for evaporative cooling in the dry air.

Adjacent to the yakhchāl was often a shallow ice pool protected by a shade wall to block the sun. The shade wall minimized heating from the sun. Just as the Egyptians leveraged evaporative and radiative cooling to create ice, cold nights could produce ice in the pool, which workers would harvest and store inside the yakhchāl. They could also, of course, store ice harvested from elsewhere. Even with the shade wall, though, workers had to harvest ice before sunrise.

You could think of the whole system as an RC circuit. The dome and the soil around the pit form a resistance, while the ice, cold stone, and air inside form a thermal capacitor. Thick insulating walls make a large R, and tons of ice and stone make a big capacitor. The dome shape gets less solar radiation most of the time. With a big resistor and capacitor, bleeding off charge (in this case, leaking in heat) takes a long time.

Meanwhile, ice melting effectively absorbs leftover or leaking heat. Sure, you lose some ice, although with the ice pits, on a cold and dry night, you might be able to recover at least some of it.

Why?

The Persians wanted ice for the same reasons everyone else did. They preserved food, created frozen beverages (sharbat), and even a dessert, faloodeh, that combined noodles, rose syrup, lime, and ice. There were also medical uses. Of course, having ice in the hot desert was also a status symbol.

Other Tech

In China, around 600 AD, they used saltpeter to produce ice chemically instead of simply harvesting and storing it. It would be 1748 before [William Cullen] would demonstrate producing ice using artificial means. While [Oliver Evans] described a fairly modern refrigerator in 1805, nothing like it was built until [Jacob Perkins] did it in 1834. Australian [James Harrison] was probably the first commercial ice makaer in the mid 1800s.

These days, we don’t usually ship ice around, but we still have to ship cold things. And of course, refrigerators ended the ice harvesting business.

Featured image: “kosar” by [Elyaskb]

Only days after Spotify announced its foray into physical book sales, which included an audiobook feature that lets you sync your listening and your offline reading progress, Amazon-owned Audible has launched a feature that brings ebooks together with audiobooks.

The company announced on Wednesday an “immersion reading” feature in the Audible app, which allows readers who have both the ebook and audiobook versions of a title in their Audible and Kindle libraries to read the ebook’s text while the audio plays. The feature also lets users switch between the different formats across devices. While in the “Read & Listen” mode, the text of the book is highlighted in real-time in sync with the narration.

The Kindle app already offered a tool that would allow readers to move between the Audible version and the ebook, when both versions had been purchased. This feature is now coming to Audible’s app for the first time. Customers will need to own both versions of the book for this to work, but discounted audiobooks will be made available to customers who own the matching ebook, the company says.

At launch, hundreds of thousands of titles will be supported by the new “Read & Listen” feature, including those in English, German, Spanish, Italian, and French. Initially, the option will be offered in the U.S., with the U.K., Australia, and Germany gaining support over the next few months.

To discover eligible titles, Audible will automatically identify which Kindle ebooks have audiobook matches within its app.

Of course, many customers were already reading and listening to their books without buying two versions — by having Alexa narrate their ebooks from their Kindle library. Alexa is not a professional narrator by any means, and the AI assistant’s more monotonous delivery can lead you to zone out. By offering a way to add on the audiobook for a lower price when you’ve already bought the ebook, Amazon hopes to boost book sales across formats.

The company also claims that the combination of reading and listening can improve focus and comprehension, according to industry research and its own internal data. In addition, customers who read and listen are the most engaged, consuming nearly twice as much content per month as audiobook-only customers, Audible noted.

The feature may make sense for students and those learning a new language, as well as those who are trying to get through more books quickly. It’s also useful for those who regularly switch back and forth between reading and listening, and those who want the experience of the narration — particularly if a book is read by a favorite voice actor. Plus, some may simply appreciate having a narrator introduce all the characters by name, so they can learn the pronunciation without having to guess (a particularly thorny issue in fantasy novels!)

“Audiobooks count as reading,” said Andy Tsao, Chief Product Officer at Audible, in a statement about the launch. “But now at Audible, you can read with your eyes too. Read & Listen gives book lovers the best of both worlds. Whether you’re learning a new language, studying for school, or lost in a story’s world, you no longer have to choose one format over the other.”

Amazon notes that the new feature will not impact publishers’ royalty payments.

Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company.

Founded in 2018, Figure uses the Provenance blockchain for lending, borrowing, and securities trading, and has unlocked over $22 billion in home equity with over 250 partners, including banks, credit unions, fintechs, and home improvement companies.

While the blockchain lender didn’t publicly disclose the incident, a Figure spokesperson told TechCrunch on Friday that the attackers stole “a limited number of files” in a social engineering attack.

BleepingComputer has also reached out to Figure with further questions about the breach, but a response was not immediately available.

Although the company has yet to share how many individuals were affected by the data breach, notification service Have I Been Pwned has now revealed the extent of the incident, reporting that data from 967,200 accounts was stolen in the attack.

“In February 2026, data obtained from the fintech lending platform Figure was publicly posted online,” Have I Been Pwned said on Wednesday.

“The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses and dates of birth. Figure confirmed the incident and attributed it to a social engineering attack in which an employee was tricked into providing access.”

The ShinyHunters extortion group claimed responsibility for the breach and added the company to its dark web leak site, leaking 2.5GB of data allegedly stolen from thousands of loan applicants.

In recent weeks, ShinyHunters claimed similar breaches at Canada Goose, Panera Bread, Betterment, SoundCloud, PornHub, and CrowdStrike.

While not all of them are part of the same campaign, some of these victims were breached in a voice phishing (vishing) campaign targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google across more than 100 high-profile organizations.

The attackers are impersonating IT support, calling their targets’ employees and tricking them into entering credentials and multi-factor authentication (MFA) codes on phishing sites that impersonate their companies’ login portals.

Once in, they gain access to the victim’s SSO account, which provides them with access to other connected enterprise applications and services, including Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Zendesk, Dropbox, Adobe, Atlassian, and many others.

As part of this campaign, ShinyHunters also breached online dating giant Match Group, which owns multiple popular dating services, including Tinder, Hinge, Meetic, Match.com, and OkCupid.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Advertisement

Get the guide