364,000 Impacted by Data Breach at LexisNexis Risk Solutions

Data broker giant LexisNexis Risk Solutions (LNRS) is notifying more than 364,000 people that their personal information was stolen in a December 2024 data breach.

The incident occurred on December 25, but LNRS learned of it on April 1, 2025, the company said in the notification letter to the impacted individuals, a copy of which was submitted to the Maine Attorney General’s Office.

“An unauthorized third party acquired certain LNRS data from a third-party platform used for software development. The issue did not affect LNRS’s own networks or systems,” the company said.

Personal information stolen in the attack, LNRS says, includes names, dates of birth, phone numbers, email addresses, Social Security numbers, and driver’s license number.

“No financial or credit card information was affected. We have no evidence that your data has been further misused,” the company says, noting that it has notified the relevant authorities of the incident.

LNRS informed the Maine AGO that 364,333 individuals were affected by the data breach and that it is providing them with two years of free identity protection and credit monitoring services.

Responding to a SecurityWeek inquiry, LNRS said that it learned of the data breach after it “received a report from an unknown third party claiming to have accessed certain information belonging to LNRS.”

The threat actor had accessed the company’s GitHub account and accessed “some software artifacts as well as some personal information.” 

“There was no compromise of our own systems, infrastructure, or products. We are notifying approximately 360,000 individuals and appropriate regulators. We have also reported this incident to law enforcement,” LNRS said.

Based in Atlanta, Georgia, LexisNexis Risk Solutions collects user information from public records and other sources and provides it to financial, insurance, healthcare, and government organizations, to help them identify risks and fraud.

Related: Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People

Related: Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users

Related: UK Legal Aid Agency Finds Data Breach Following Cyberattack