May 30, 2025 | By Dipanshu Kumar HACKINGBLOGS
The major data breach that affected over 364,000 people was revealed by data broker giant LexisNexis Risk Solutions in an unexpected way in LexisNexis data breach. On Christmas Day 2024, hackers took extremely sensitive personal information.
It was not until an anonymous tip reached LexisNexis on April 1, 2025, that the breach which had been hidden for months was made public. Names, dates of birth, Social Security numbers, phone numbers, email addresses, mailing addresses, and even driver’s license numbers are among the compromised data.
Who Is LexisNexis, Anyway?
RELX, a global analytics giant with headquarters in the UK, owns LexisNexis , operates in more than 40 nations, employs more than 11,800 people, 85% of Fortune 500 organizations are clients, serves nine of the top ten banks in the world.
What Happened?
“Some software artifacts and personal information were accessed from GitHub, a platform used by LexisNexis Risk Solutions (LNRS) for development,”
a company spokesperson said
A third-party software development platform, not LexisNexis’ own systems, was the source of the intrusion, according to breach notifications sent to the Maine Attorney General’s Office. According to reports, the attacker gained access to data through a hacked GitHub account that belonged to the business.
This indicates that an external development environment, rather than a breakdown in their fundamental infrastructure, was the cause of the LexisNexis data breach. However, the stolen information was legitimate and extremely private.
What Information Was Leaked?
According to LexisNexis data breach, the breach comprised:
- Full names
- Contact details (phone, postal, and email addresses)
- Social Security numbers
- Driver’s license numbers
- Dates of birth
Fortunately, according to the company, no credit card or financial information was compromised. However, this is still a treasure mine for identity thieves.
How Is LexisNexis Responding TO LexisNexis data breach?
Those who are impacted are being given:
- Services for credit monitoring
- Suggestions for being watchful of credit reports and bank statements
- Free identity protection for two years
Why This Breach Matters (And Should Terrify You)
LexisNexis is not a typical business. Large volumes of consumer and behavioral data are sold and shared by this data broker to businesses, insurance companies, police enforcement, and even manufacturers.
This same business has faced criticism in the past for:
- Providing insurers with information about driver behavior without the drivers’ consent
- granting police enforcement access to private information such as house addresses and contact logs
The same company has now failed to prevent hackers from accessing private information.
