LexisNexis Risk Solutions (LNRS), a provider of legal intelligence and data analytics services worldwide, has disclosed a major data breach exposing the personal data of more than 364,000 individuals.
The breach, allegedly via a third-party platform that was used to develop their software, has raised grave questions over the safety of sensitive information held by data brokers.
The illegal access was said to have occurred on December 25, 2024, but was not detected until April 1, 2025, when LNRS was notified by an external party, the company stated in a notice it issued.
The leaked data itself ranges from names, date of births, phone and addresses (both postal and email), driver’s license ID numbers to SSNs.
LexisNexis said the security breach did not impact on any of its internal systems and main products. But the quantity and sensitivity of the compromised data has alarmed cyber security experts and impacted people alike.
The company’s wide customer base ranges from law enforcement units to car companies pointing at a potential far-reaching effect on different fields of operation.
In reaction to the breach, LexisNexis has hired outside cybersecurity specialists and is working with law enforcement. The company is providing impacted people with free identity protection and credit monitoring products from Experian for two years. They also are advising people to stay alert and check their financial accounts for any unusual activity.
The data breach makes LexisNexis part of a lengthening list of companies that cybercriminals have hit in recent times, underscoring the challenges that organizations face in protecting large bodies of personal data. “It’s as essential as it could possibly be to protect sensitive data, particularly when a broker deals with volumes of sensitive information,” security experts stress.
The situation is certain to add to the debate over the responsibility of such companies and the rules written to safeguard consumer data in the digital era.
