LexisNexis leaked social security numbers and other personal data for over 364,000 people
The data analytics firm LexisNexis Risk Solutions says it suffered a breach that could have exposed the names, Social Security numbers, contact information, and driver’s license numbers of over 364,000 people, as reported earlier by TechCrunch. In a notice filed with the state of Maine, LexisNexis says “an unauthorized third party” accessed its data through […]
The data analytics firm LexisNexis Risk Solutions says it suffered a breach that could have exposed the names, Social Security numbers, contact information, and driver’s license numbers of over 364,000 people, as reported earlier by TechCrunch. In a notice filed with the state of Maine, LexisNexis says “an unauthorized third party” accessed its data through a third-party software development platform.
The breach occurred on December 25th, but Lexis Nexis only discovered it on April 1st, 2025, and is just starting to notify people. The company says it “promptly launched an investigation” and “notified law enforcement” once it discovered the breach, adding that the types of information exposed “varied by affected individual.”
LexisNexis spokesperson Jennifer Richman told TechCrunch that an attacker obtained the data through the firm’s GitHub account. Neither LexisNexis nor GitHub immediately responded to The Verge’s request for comment.
LexisNexis is one of the biggest data brokers in the US, as it works to collect and sell vast amounts of personal information for fraud and risk assessment. Last year, LexisNexis was named in a report from The New York Times, which found that automakers had been sharing driving data with the firm that the firm then sold to insurance companies, leading to higher premiums for the drivers. Other than serving as a data broker, LexisNexis also offers access to a database of news articles, public records, and legal documents.
Though the Consumer Financial Protection Bureau had been working to crack down on data brokers under the Biden administration, those efforts have come to a halt. In February, the Trump-appointed Treasury Secretary Scott Bessent ordered the Consumer Financial Protection Bureau (CFPB) to “stop all rulemaking,” pausing a proposal that would’ve prevented data brokers from selling social security numbers and sensitive financial information. The CFPB officially withdrew the rule earlier this month.
Last year, the House also passed a bill that would block data brokers from selling Americans’ personal information to foreign adversaries, but there hasn’t been much movement since.
