LexisNexis Risk Solutions discloses a December 2024 data breach affecting 364,333 individuals. Personal data, including names, contact details, Social Security numbers, driver’s licence numbers, and dates of birth, was accessed via a compromised GitHub account. No financial information or company systems were affected.
LexisNexis Risk Solutions (LNRS), a leading Georgia-based data analytics firm and subsidiary of British multinational RELX, has confirmed a data breach affecting 364,333 individuals. The incident, which occurred on 25 December 2024, involved unauthorised access to personal data stored on GitHub, a third-party software development platform. The breach was discovered on 1 April 2025, and affected individuals began receiving notification letters from 24 May onwards.
Cause and scope of the breach
According to the company’s investigation, an unknown threat actor gained access to LNRS data by compromising a company account on GitHub. The breach did not involve LexisNexis’s internal systems or infrastructure.
A LexisNexis spokesperson stated: “Our Information Security team, in consultation with a forensic firm, immediately began investigating and confirmed that some data which was held in GitHub, a third-party platform used by LNRS for software development purposes, was acquired by an unknown third party. Specifically, we have determined that some software artifacts as well as some personal information was accessed.”
The exposed data includes personally identifiable information (PII) such as:
- Full names
- Contact details (phone numbers, postal and email addresses)
- Social Security numbers
- Driver’s licence numbers
- Dates of birth
The company confirmed that no financial data, credit card information, or other sensitive personal details were compromised.
Response and mitigation measures
LexisNexis has filed a breach disclosure with the Maine Attorney General’s Office and is offering affected individuals two years of complimentary identity protection and credit monitoring services. The company has advised impacted parties to remain vigilant by reviewing account statements and credit reports for signs of fraudulent activity.
About LexisNexis Risk Solutions
LexisNexis Risk Solutions is a global data and analytics company offering data services, technology, predictive insights, and fraud prevention across multiple industries. Headquartered in Alpharetta, Georgia, it maintains offices in the US, Australia, Brazil, China, France, Hong Kong, India, Ireland, Israel, the Philippines, and the UK.
Its clients include businesses in insurance, financial services, healthcare, and corporate sectors, alongside government agencies at local, state, and federal levels, as well as law enforcement and public safety organisations. The company operates within the Risk & Business Analytics segment of RELX, a multinational information and analytics firm based in London.
With a workforce exceeding 11,800 employees, the firm supports 85% of Fortune 500 companies and 91% of Fortune 100 businesses, including nine of the world’s top 10 banks.
Himani Verma is a seasoned content writer and SEO expert, with experience in digital media. She has held various senior writing positions at enterprises like CloudTDMS (Synthetic Data Factory), Barrownz Group, and ATZA. Himani has also been Editorial Writer at Hindustan Time, a leading Indian English language news platform. She excels in content creation, proofreading, and editing, ensuring that every piece is polished and impactful. Her expertise in crafting SEO-friendly content for multiple verticals of businesses, including technology, healthcare, finance, sports, innovation, and more.
