LexisNexis Breach: Data of 364,000 Exposed
LexisNexis Risk Solutions has disclosed a data breach that compromised the personal information of over 364,000 individuals. On December 25, 2024, LexisNexis Risk Solutions experienced a data breach when an unauthorized third party accessed sensitive information through the company’s GitHub account. The breach went undetected until April 1, 2025, when LexisNexis received a report from an unknown individual claiming to have accessed certain information. The Verge
Exposed Personal Information
Dates of Birth
Full Names
Social Security Numbers (SSNs)
Contact Information: Including phone numbers, email addresses, and mailing addresses
Driver’s License Numbers
The compromised data includes:WIRED
- Names
- Contact information (phone numbers, postal and email addresses)
- Social Security numbers
- Driver’s license numbers
- Dates of birthTechCrunchFutureLaw Firm
The breach, which occurred on December 25, 2024, involved unauthorized access to personal information such as names, Social Security numbers, contact details, and driver’s license numbers. LexisNexis discovered the incident on April 1, 2025, and promptly initiated an investigation with external cybersecurity experts. The company has also notified law enforcement agencies and is offering affected individuals two years of complimentary credit monitoring and identity protection services. The VergeFederman & Sherwood.SecurityWeek
Company’s Response
LexisNexis Risk Solutions has disclosed a significant data breach affecting over 364,000 individuals.The data breach at LexisNexis Risk Solutions occurred on December 25, 2024, when an unauthorized third party accessed sensitive information through the company’s GitHub account. However, the breach went undetected until April 1, 2025, when LexisNexis received a report from an unknown individual claiming to have accessed certain data .The Verge
Swift Response and Support Measures
Upon discovering the breach, LexisNexis promptly initiated an investigation with the assistance of external cybersecurity experts and notified law enforcement agencies. To support those affected, the company is offering two years of free identity protection and credit monitoring services.
Data Compromised
The exposed information includes:
- Full names
- Social Security numbers
- Contact details
- Driver’s license numbers
The specific data compromised varies by individual. The Verge
Broader Implications
LexisNexis, a major U.S. data analytics firm, is known for collecting and selling personal information to entities like insurance companies. This breach has raised concerns about the practices of data brokers. Privacy advocates warn that the leaked information could be exploited by malicious actors, emphasizing the need for stricter regulations on data brokers. The Verge
Broader Implications
This incident has raised concerns about data security practices among major data brokers. Privacy advocates warn that the leaked information could be exploited by malicious actors, including scammers and foreign adversaries .The Verge
What Happened?
LexisNexis discovered unauthorized access to its systems. Upon investigation, they determined that the breach exposed sensitive data.
Impact on Individuals
The exposed data potentially includes:
- Names
- Addresses
- Dates of birth
- Social Security numbers
- Driver’s license numbers
This type of information can be used for identity theft and other malicious activities.
LexisNexis’ Response
LexisNexis is taking the following actions:
- Notifying affected individuals
- Offering credit monitoring services
- Enhancing security measures to prevent future breaches
- Working with law enforcement
Protecting Yourself
If you believe your information may have been compromised, consider these steps:
- Monitor your credit report for any suspicious activity. You can obtain a free credit report from each of the three major credit bureaus annually through AnnualCreditReport.com.
- Place a fraud alert on your credit file.
- Consider a credit freeze to restrict access to your credit report.
- Be cautious of phishing emails and scams.
- Change passwords on important online accounts.
