LexisNexis leaked social security numbers and other personal data of over 364,000 people

The info analytics agency LexisNexis Danger Options says it suffered a breach that might have uncovered the names, Social Safety numbers, contact info, and driver’s license numbers of over 364,000 individuals, as reported earlier by TechCrunch. In a notice filed with the state of Maine, LexisNexis says “an unauthorized third get together” accessed its knowledge by means of a third-party software program growth platform.

The breach occurred on December twenty fifth, however Lexis Nexis solely found it on April 1st, 2025, and is simply beginning to notify individuals. The corporate says it “promptly launched an investigation” and “notified legislation enforcement” as soon as it found the breach, including that the varieties of info uncovered “different by affected particular person.”

LexisNexis spokesperson Jennifer Richman informed TechCrunch that an attacker obtained the information by means of the agency’s GitHub account. Neither LexisNexis nor GitHub instantly responded to The Verge’s request for remark.

LexisNexis is likely one of the largest knowledge brokers within the US, as it really works to gather and promote huge quantities of non-public info for fraud and threat evaluation. Final 12 months, LexisNexis was named in a report from The New York Times, which discovered that automakers had been sharing driving knowledge with the agency that the agency then offered to insurance coverage corporations, resulting in greater premiums for the drivers. Apart from serving as an information dealer, LexisNexis additionally gives entry to a database of stories articles, public information, and authorized paperwork.

”The LexisNexis breach is one more instance of why we have to rein within the reckless enterprise mannequin of information brokers that site visitors in our most delicate info for revenue,” Caroline Kraczon, a legislation fellow on the Digital Privateness Data Heart, stated in an announcement to The Verge. “Due to LexisNexis, tons of of 1000’s of people’ private knowledge is now up for grabs by dangerous actors. That knowledge could also be utilized by international adversaries in ways in which threaten nationwide safety, by fraudsters to focus on victims for scams, or by abusers to find and hurt survivors of home violence.”

Replace, Might twenty eighth: Added an announcement from EPIC.