.png)
2 days ago
35
Data broker giant LexisNexis Risk Solutions, a Georgia-based American data analytics company, has revealed that attackers stole the personal information of over 364,000 individuals in a December breach.
As disclosed in data breach notifications sent to affected people starting May 24th, LexisNexis was informed on April 1st that some of its data had been stolen from GitHub by an unknown threat actor using a compromised company account.
"On April 1, 2025, we learned that on December 25, 2024, an unauthorized third party acquired certain LNRS data from a third-party platform used for software development. The issue did not affect LNRS's own networks or systems," it said.
LexisNexis also disclosed in a filing with the Maine Attorney General's Office that the resulting data breach impacted 364,333 individuals who had their personally identifiable information exposed.
However, it said the breach only affected their personal information, as the attackers didn't access or steal financial information.
"The types of impacted personal information varied by affected individual, and could have included name, contact information (such as phone number, postal or email address), Social Security number, driver's license number or date of birth," LexisNexis added.
"No financial or credit card information was affected. We have no evidence that your data has been further misused."
The company warned affected individuals to monitor their account statements and credit reports for fraud and identity theft attempts, and will provide them with two years of free identity protection and credit monitoring services.
LexisNexis is a subsidiary of RELX, a British multinational data analytics provider, and it has customers in over 180 countries and territories.
The data broker also has offices in 40 countries, employs over 11,800 people worldwide, and works with 85% of Fortune 500 companies and 91% of the Fortune 100, including nine of the world's top 10 banks.
A LexisNexis spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
