Lexisnexis Risk Solutions, a data broker that collects and uses consumer personal data to help its corporate customers detect potential risk and fraud, has revealed a data breach that affects more than 364,000 people.
Said the company to a deposit with Maine’s Attorney General That the violation, dating back to December 25, 2024, has allowed a hacker to obtain sensitive consumer personal data from a third -party platform used by the company for software development.
Jennifer Richman, a spokesman for Lexisnexis, told TechCrunch that an unknown hacker had access to the company’s gitHub account.
The stolen data varies, but include names, birth dates, phone numbers, postal and email addresses, social security numbers and driving licenses.
It is not immediately clear what conditions led to the violation. Richman said Lexisnexis received a report on April 1, 2025 “from an unknown third party claiming to have access to certain information”. The company would not say if it had received a ransom demand from the hacker.
Data brokers such as Lexisnexis are part of a billion dollars industry that benefits from the collection and sale of access to large amounts of personal and financial data of Americans. Lexisnexis uses information enclosures for consumers to help companies detect potentially false transactions, as well as to perform risk assessment and due diligence in prospective customers.
Last year, The New York Times They reported that car makers were among several companies distributed data on vehicle driving habits with Lexisnexis without explicit permission of car owners. The data was then sold to insurance companies, which used the data from miles and driving to determine drivers’ premiums.
Law enforcement services also use Lexisnexis to obtain personal information about suspects, such as Names, home addresses and call records.
Earlier this month, Trump’s administration interrupted a plan that would have limited data brokers from the sale of American personal and financial information, including social security numbers. White House employee Russell Vought wrote in a federal enrollment in the fact that the Biden era rule, which would require data brokers to follow the same federal rules for protecting privacy with credit scribes and promotion companies, were not necessary, Privacy lawyers to close Loopole.
Was updated by comments from Lexisnexis.
