LexisNexis leaked social security numbers and other personal data of over 364,000 people
1 min read
Summary
Data analytics company LexisNexis Risk Solutions has suffered a serious data breach, which has exposed the personal information of 364,000 people.
The breach was discovered on April 1, but had taken place on December 25, 2024, when an unauthorised third party accessed the company’s data via a third-party software development platform, and via the company’s GitHub account.
The information exposed varied between individuals but included names, social security numbers, contact information and driver’s licence details.
This is the second attack on the company in recent years, with another occurring in 2022, and highlights the need for tougher regulation around the handling of personal data, say privacy experts.
Furthermore, efforts to reign in the activities of data brokers in the US have been halted, following an order from the Treasury Secretary to stop all rulemaking on the matter.