LexisNexis risk solutions data breach exposes information of 364K people

LexisNexis Risk Solutions (LNRS), one of the largest data brokers in the United States, is reporting a data breach that compromised the personal information of 364,333 individuals. The Atlanta, Georgia-based company, which specializes in data analytics, risk management services, and Know Your Customer solutions for business clients, discovered that an unauthorized third party had accessed sensitive consumer data through their GitHub account.

The breach occurred on December 25, 2024, but was not discovered by LNRS until April 1, 2025, when the company received a report from an unknown third party claiming to have accessed certain information belonging to the organization. 

LNRS confirmed that the unauthorized party acquired data from their GitHub account, but claims that the company's own networks, systems, infrastructure, and products were not compromised. 

It's unclear how the GitHub account breach exposed personal information, but it's probable that the GitHub account gave access to other credentials that were later used to access the PII data. LexisNexis would not say if it had received a ransom demand from the hacker, and it's not immediately clear what circumstances led to the breach. 

The exposed data varied by affected individual but included the following sensitive personal information:

• Names
• Phone numbers
• Home addresses
• Email addresses
• Social Security numbers
• Driver's license numbers
• Dates of birth

NRS has stated there is no evidence that the stolen data has been further misused, though security experts warn that such information could be valuable to cybercriminals for identity theft, fraud schemes, or sale on dark web marketplaces.

The company has notified law enforcement agencies and is providing all affected individuals with 24 months of free identity protection and credit monitoring services through Experian. The company has also recommended that affected parties remain vigilant for incidents of fraud and identity theft by regularly reviewing account statements and monitoring their free credit reports. US citizens are entitled to one free credit report per year from each of the major credit reporting agencies.