Privacy Please

S6, E244 - They didn't hack in, they just logged in: The LexisNexis Security Incident


Listen Later

Send us a text

We explore the recent LexisNexus data breach that exposed sensitive personal information of over 364,000 individuals through a third-party platform accessing their GitHub account. This incident highlights critical vulnerabilities in how data brokers handle our most sensitive information and raises questions about regulatory oversight.

• Data exposed included names, date of birth, phone numbers, social security numbers, and driver's license numbers
• The breach occurred when someone accessed the company's GitHub account through a third-party platform
• Attackers likely found hard-coded credentials that allowed them to move laterally through systems 

• Data brokers operate with minimal regulation despite handling massive amounts of sensitive information
• Better governance policies and automated privacy operations could significantly reduce these risks
• Both technical solutions and regulatory approaches are needed to protect consumer data

  • Breach Occurred: December 25, 2024.
  • Discovery: April 1, 2025.
  • Public Notification: May 27, 2025.
  • Notice Letters Sent: May 24, 2025.

Shameless plus: Check out tools like Transcend's autonomous privacy operations to help prevent similar incidents and continue to monitor your privacy activities.


Support the show

...more
View all episodesView all episodes
Download on the App Store

Privacy PleaseBy Cameron Ivey

  • 4.6
  • 4.6
  • 4.6
  • 4.6
  • 4.6

4.6

28 ratings


More shows like Privacy Please

View all
Security Now (Audio) by TWiT

Security Now (Audio)

1,983 Listeners

Bloomberg Law by Bloomberg

Bloomberg Law

361 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,009 Listeners

The Privacy Advisor Podcast by Jedidiah Bracy, IAPP Editorial Director

The Privacy Advisor Podcast

66 Listeners

The Daily by The New York Times

The Daily

111,917 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

166 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

Serious Privacy by Dr. K Royal, Paul Breitbarth & Ralph O'Brien

Serious Privacy

23 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

She Said Privacy/He Said Security by Jodi and Justin Daniels

She Said Privacy/He Said Security

12 Listeners

Masters of Privacy by Sergio Maldonado

Masters of Privacy

7 Listeners

"The Data Diva" Talks Privacy Podcast by Debbie Reynolds

"The Data Diva" Talks Privacy Podcast

16 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

167 Listeners

The Privacy Corner by Robert Bateman

The Privacy Corner

3 Listeners

The 404 Media Podcast by 404 Media

The 404 Media Podcast

315 Listeners