The below is an extract from one of three draft chapters in a book that’s currently illegal to publish. It’s not actually about Relx and they’d probably have just been subjected to a couple of snippy asides relative to another issue if not for what-they-did.
Although I’d like to start earning again, the legal restrictions around gripe sites means I’m now committing to making that book free. I consider the contents that important.
This section primarily deals with security breaches and CEO pay. Although the majority was written mid-2025, the AGM notification suggests it’ll be out of date in less than 24 hours. So expect a follow up shortly. I have comments.
Once I stop laughing about the rationalisations. Competitive pay packages really shouldn’t be a strategy of gunning for the top position of highest/lowest earners ratios, just so the second highest paid executive in the UK has a chance at first place.
It’s not a good look. Particularly with the profits of an AI strategy that appears to me to be “all your public funded science belongs to us”. Compare and contrast (as I do later) with the lexis AI approach.
Elsevier has made its money from dancing on the line of how much they can get away with. Your new strategy has been to treat that line as a cliff edge to leap off with a monopoly on datamining research, governments (and others), paid to put into your custody.
As I argue in a later chapter that’s not “digging a moat”. That’s pissing in the shoddy one built.
Get Relx
Get Relx.
Relx sounds absolutely nothing like “wrecked”. Yet every time I consider them after what occurred I think of this phrase. First heard in the {Redacted Decade} of {Redacted City}. Later I was to realise it probably subconsciously became further associated via its new usage on the internet as “get rekt”.
“Get wrecked” or “get rekt” in this context is misleading however, because I wasn’t singled out for Relx ethical practices. So this is a summary of {redacted} rekting my convention rights is entirely in line with practices that I would sum as one big “get rekt” to the world.
Or “relxing” and “get relx” if you prefer. Which I do.
Relx, for those who’ve never heard of them, are the umbrella corporation of amongst other companies, Elsevier. Plenty of people probably might not recognise that name either, but if you’ve not heard of them, I’m amazed you’ve come across this site at all. They’re the biggest publisher of scientific papers in the world. And the biggest problem in scientific publishing.
For those who have heard of Elsevier but aren’t familiar with the whole portfolio of Relx. Although Elsevier is probably the biggest company asset of Relx, this isn’t an alphabet/google situation. They also own lexisnexus, which is the biggest database of legal documentation in the world.
I doubt they’ll be in the mainstream news for this, but amongst a certain slice of the world’s population, Lexisnexus are currently notable for ‘protecting’ the personal details of over 400000 of their clients (i.e lawyers, judges and law enforcement) with the password “Lexis1234”. Which became a known fact in the usual way. Via publication by a threat actor known as FulcrumSec.
Though I still wonder it the capital “L” above is giving relx to much credit.
It’s worth stressing that when you read the term threat actor, it’s best to view them as flags of convenience. The entities behind one may be behind others. Public awareness of this flag was relatively new in October 2025, and they have yet to make it to all the naughty lists. The described modus operandi suggests a straight up extortion gig with absolutely no hacktivist inclinations at all. Instead they exfil valuable data and attempt to quietly sell it back to the victim.
My theory as to why Relx didn’t pay is that they actually forgot the password, complicated as it was, and figured that FulcrumSec would then post it.
Yes, I said February 2026. Let’s not spoil the rest of our adventure together by wondering when it’ll end. Our little foray into Relx is after all a little bit of a holiday for us anyways. Even if it’s the sort of thanks you probably don’t deserve to be subjected to after sticking with me for the last {redacted years}.
Anyways I’m possibly being a little unfair as to Relx’s reasons why. A strong incentive to pay in such situations is the chance of reduced publicity for the security breach. However if you’re fully aware that you’re incompetent when it comes to security, then you’ll be making a lot of payments to keep something secret that’ll come out during some later random hack regardless.
Returning to the threat actor, I looked them up as I was trying to work out if I should feel sorry for them. I realise there are client names being sold on the internet, but the personal details in this case weren’t sensitive, and I find myself not currently in a position to criticise stealing intellectual output from Relx. So I was trying to see if it was a case that Relx was targeted, and the actor then discovered a vulnerability that was published in November 2025, patch available on the 3rd of December, but was still exploitable in February. Which now I’ve written it out, it should be obvious to you that’s not the case.
Rather, LexisNexus was the dipshit neighbour who left their door unlocked everyday for months and then wondered how they fell victim to the sophisticated approach of someone trying all the doors on the street. Which is basically what “pre-authentication vulnerability” that “could be exploited using a single malicious HTTP request” means. Though I’d imagine it still takes using the password Lexis1234 in five separate places to really screw it up.
As a consequence I felt I had to cross reference the dates of the Relx buyback programme to eliminate the possibility of funny business. I found it was between 2nd January 2026 and the 6th February 2026, prior to the company’s annual results announced on 12 February 2026.
With an announced further repurchasing of “500,000 ordinary shares on 26 February 2026 on the London Stock Exchange via UBS AG London Branch. The shares, bought at a volume-weighted average price of 2,486.3168 pence, will be held in treasury, taking the company’s treasury holding to 23,837,957 shares and leaving 1,804,427,533 shares in issue excluding treasury.”
To my laypersons understanding that doesn’t in fact suggest shenanigans. But as I was debating this, and trying to understand the various benefits of capital reduction in context of the fact that the big red sign saying rob me went up in December could be salient; I suddenly realised that any plan with a prerequisite of pissing off 400000 lawyers is definitely not a viable alternative to being unrealistically incompetent. Pretty much the same category in fact. It’d be Relxing oneself while accidentally Relxing others.
Hopefully they’ll be more careful going on and not make the mistake again. Or rather not a third time. On account that personal details of 364000 individuals were stolen from them 25th december 2024 (merry xmas). Which they discovered 1st April, 2025 (fools). Though I should clarify that it was actually LexisNexis Risk Solutions rather than LexisNexis.
This point isn’t as trivial as it appears. But the non-triviality actually isn’t in Relx’s favour. LexisNexis Risk Solutions runs companies devoted to tracing and fraud detection for people on benefits. It requires access to personal details of individuals who either may not have given their explicit permission and therefore assumed a risk of a hack by use of the product (with the caveat of reasonable expectation of diligence), or may not be in a position to argue and likely weren’t fully informed as to who would be the data processors anyways (else they’d starve).
So these are the personal details without explicit consent from societies most vulnerable, the vast majority of which will not actually be committing fraud. Merely subject to due diligence from a private organisation that appears incapable of any diligence.
Being the dipshit neighbour who forgot to lock the door and then suffered a break in isn’t actually the most embarrassing of corporate security breaches however. Offhand if I had to pick one, that prize would go to having a server publicly accessible containing a plaintext list of all usernames, passwords and registration emails for an “indeterminate amount of time”. An analogy here would basically be leaving the door wide open.
Which as Vice reported in 2019, would be Elsevier. I did say “third time” above. I suspect it’s still inaccurate.
CEO Pay
The highpay center 2025 report’s headline is that there has been little increase in the median ceo to median worker wages for FTSE 350 across the last five years (52:1 while acknowledging a decrease from previous year of 54:1), and for the FTSE100 it’s 71:1 and 106:1 respectively. So that’s good I guess. Relatively. Even though the stated goal is to decrease. It specifically identifies Relx in their top five naughty list.
The highpay has a wonderful way of visualising that. They have even done some fancy math. Because the median point is the midpoint in the population statistics of earners, at 11:30 6th of January 2025 those CEOs will have made more money than half of earners in the UK. The fancy math is even allowing for the 60ish hour work week (again average, I suspect self-reported).
Relx placed on the naughty list for CEO. As it currently stands at 294:1 for the CEO to lower earners ratio. Nor is that a downward trend from the previous year (118:1).
Since CEOs don’t directly control national rates of pay. It seems to me perhaps a little of an unfair comparator to perform for RELX even if they’ve compensated for additional hours. Fair reward framework, a partner organisation to the highpay center has the numbers for the median of their own employees. It’s 198:1 for 2024. Simultaneously I’ve no idea how many hours Erik Engstrom works nor if any other bits of statistical magic have been done by the high pay center.
Hand waiving all that. Erik Engstrom appears to be earning more than half of his employees will for the remaining part of 2025, a little after 8PM, 2nd of January, 2025. Which kind of blows for Kip Lyall, if US employees are paid the equivalent. We will get to kip later as here’s a quote “The pressure put on me to conform to the company’s ‘narrative’ turned my paycheck into a bribe”. As the implication is that’s a really shitty bribe.
It’s definitely not bad for Erik however, whose comment on the Relx 2024 results was
“RELX delivered strong revenue and profit growth in 2024. Our improving long-term growth trajectory continues to be driven by the ongoing shift in business mix towards higher growth analytics and decision tools that deliver enhanced value to our customers across market segments.”
“We develop and deploy these tools across the company by leveraging deep customer understanding to combine leading content and data sets with powerful artificial intelligence and other technologies. This has been a key driver of the evolution of our business for well over a decade, and will remain a key driver of customer value and growth in our business for many years to come.”
One hundred and six words.
Whereas for the first half for 2025 it was
“RELX delivered strong revenue and profit growth in the first half of 2025, in line with full year 2024 but with a higher quality growth profile: Risk with continued strong growth, Scientific, Technical & Medical with continued good growth and developing momentum, Legal with a further step up in growth, and Exhibitions now established at strong ongoing growth.”
Our improving long-term growth trajectory continues to be driven across the group by the ongoing shift in business mix towards higher growth analytics and decision tools that deliver enhanced value to our customers.
We develop and deploy these tools across the company by leveraging deep customer understanding to combine leading content and data sets with powerful artificial intelligence and other technologies. This has been a key driver of the evolution of our business for well over a decade, and will remain a key driver of customer value and growth in our business for many years to come.”
One hundred and fifty words.
These numbers are relevant because part of the issue that’s skewed the year on in numbers here is Erik’s remuneration package. Which rose from 8,214,000 to 13,639,000 (65%). With a dividend of 2022 54.6 and 2023 58.8 (7.57%). April share prices 2024 3,424.00 and 2023 2,624.00 (30.57%).
It therefore seems to me that the approximately 29.33% increase of CEO commentary on the strong revenue and profit growth was to make up the remaining percentage. So relax Relx shareholders, you’ve approximately a 2.47% return on your CEO pay package investment. Ignoring that you’ve paid for some of those words last year. Which of course {Redacted} happens to be and the math here is really for them. As it seems to me to be the sort of business sense that would appeal to them (get relx).
The suggestion that someone at Relx contributed to their business earnings using their own words is perhaps a cause for slander. Perhaps even the suggestion that maybe there are more words by the CEO but it’s behind a paywall at 30 dollars for each article would not even be enough to emolliate them. Tom J Reller, Elsevier’s corporate spokesman in 2018 is after all of the view that “”If you think information shouldn’t cost anything, go to Wikipedia”.
This is because the model is dependent on you paying them to publish what the readers will in turn pay to read, with the modernisation approach being you can pay them more so the readers will not have to pay additional money to read.
Nor while I do have a certain gripe, which will later become relevant to what exactly they add in value, are the views here unique.
Stephen Buranyi, at the Guardian, who I’m also indebted to pointing to the reference above, references a 2005 Deutsche Bank report who characterised it as “ “bizarre” “triple-pay” system, in which “the state funds most research, pays the salaries of most of those checking the quality of research, and then buys most of the published product”.
Deutsche Bank, you damn radicals. And here was me still thinking of you as the poster child for a financial sector unfettered by any serious regulation.
{Redacted Section}
At least no one sues in that world. We will cover some of their ethical conduct shortly. This may seem excessive considering my issue was primarily {Redacted} In fact before I started I’d have agreed with you and it wasn’t the intention. But if you didn’t skim over those precious words by their CEO you might have an inkling of the ramifications.
Possibly you may now be comforting yourself with the hope that usually when a CEO includes the phrase “artificial intelligence” they’re just embracing the latest gestalt of buzzwords that may have little bearing on their actual business. That perhaps this is just Elsevier pursuing their actual business strategy which is continually testing the line as to how much they can get away with before people stop paying to give them data.
My plan in the next chapter is to strip you of this false security blanket and put you at the same level of blind panic I reached.