LexisNexis Risk Solutions (LNRS) is the latest big-name organization to disclose a serious cyberattack leading to data theft, with the number of affected individuals pegged at 364,333.
A notification letter being dispatched to affected individuals says that an “unauthorized party” gained access to a third-party software development platform on December 25, 2024, and made off with LNRS data.
The company, which offers various products related to data analytics, Know Your Customer, and risk management insights, among others, detected the intrusion on April 1, but said there was no impact on its own networks or systems.
It told The Register in a statement:
It added that “No financial, credit card, or other sensitive personal information was accessed” and said it believes its own systems, infrastructure, and products were not “compromised.”
It said it was notifying the circa 360,000 people affected as well as “appropriate regulators. We have also reported this incident to law enforcement.”
