Join Our SMS List
Health

Conduent Cybersecurity Incident Impacts 25 Million Americans in Major Data Breach

• By gsswpadmin


Check out what’s clicking on FoxBusiness.com.

A data breach affecting a major government tech contractor is now believed to be significantly larger than initially reported, impacting over 25 million Americans.

Conduent, a business technology firm known for services such as medical billing, toll transactions, and processing prepaid cards for government programs, experienced this data breach starting in October 2024, with mitigation efforts concluding in January 2025.

In October 2024, the company began notifying consumers affected by the breach, initially estimating that more than 10 million individuals had their names, Social Security numbers, and medical information exposed.

However, recent reports have revealed that the number of affected individuals in Texas alone has surged to at least 15.4 million, a significant increase from the earlier estimate of 4 million released in October. This information comes from a TechCrunch report.

10M AMERICANS HIT IN GOVERNMENT CONTRACTOR DATA BREACH

The Conduent logo on a stock exchange trading floor

Conduent has been working through the process of notifying clients and consumers about the data breach. (Michael Nagle/Bloomberg via Getty Images)

Furthermore, the Oregon attorney general reported that over 10 million individuals were affected by the breach. Conduent has reached out to “hundreds of thousands” of people in states like Delaware, Massachusetts, and New Hampshire, as noted in TechCrunch’s review of breach notifications.

A ransomware group known as SafePay has claimed responsibility for the Conduent data breach, asserting that they stole over 8 terabytes of data during the intrusion.

CHINA BANS US AND ISRAELI CYBERSECURITY FIRMS OVER NATIONAL SECURITY CONCERNS: REPORT

Ticker Security Last Change Change %
CNDT CONDUENT INC 1.48 -0.02 -1.33%

In a filing with the Securities and Exchange Commission (SEC) last fall, Conduent stated that its investigation confirmed the breach involved a significant amount of personal information associated with its clients’ end-users. The company has since notified its government and private sector clients about the affected individuals.

Shot from the Back to Hooded Hacker Breaking into Corporate Data Servers from His Underground Hideout. Place Has Dark Atmosphere, Multiple Displays, Cables Everywhere.

The SafePay ransomware group claimed responsibility for the Conduent data breach. (iStock)

In its September 30, 2025, filing, Conduent stated that it is collaborating with clients on the necessary steps mandated by federal and state law, including individual and regulatory notifications that began in October 2025 and are expected to conclude by early 2026.

TEXAS GOV ABBOTT ADDS POPULAR CHINESE ELECTRONICS, ONLINE SHOPPING COMPANIES TO ‘PROHIBITED’ TECH LIST

In a statement to FOX Business, Conduent mentioned, “Working in conjunction with our clients, we expect to send out all of the consumer notifications by April 15. Additionally, a dedicated call center has been established to address consumer inquiries. Currently, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.”

The company further stated that “given the nature and complexity of the data involved, Conduent worked diligently with a dedicated review team, including internal and external experts, and conducted a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process.”

Hacker computer monitors

Conduent stated that it expects to send all consumer notifications by April 15. (iStock)

GET FOX BUSINESS ON THE GO BY CLICKING HERE

“Both Conduent and our third-party experts monitor the dark web regularly and have no evidence of any personal information being released on the dark web,” the statement concluded.


Check out what’s clicking on FoxBusiness.com.

A data breach affecting a major government tech contractor is now believed to be significantly larger than initially reported, impacting over 25 million Americans.

Conduent, a business technology firm known for services such as medical billing, toll transactions, and processing prepaid cards for government programs, experienced this data breach starting in October 2024, with mitigation efforts concluding in January 2025.

In October 2024, the company began notifying consumers affected by the breach, initially estimating that more than 10 million individuals had their names, Social Security numbers, and medical information exposed.

However, recent reports have revealed that the number of affected individuals in Texas alone has surged to at least 15.4 million, a significant increase from the earlier estimate of 4 million released in October. This information comes from a TechCrunch report.

10M AMERICANS HIT IN GOVERNMENT CONTRACTOR DATA BREACH

The Conduent logo on a stock exchange trading floor

Conduent has been working through the process of notifying clients and consumers about the data breach. (Michael Nagle/Bloomberg via Getty Images)

Furthermore, the Oregon attorney general reported that over 10 million individuals were affected by the breach. Conduent has reached out to “hundreds of thousands” of people in states like Delaware, Massachusetts, and New Hampshire, as noted in TechCrunch’s review of breach notifications.

A ransomware group known as SafePay has claimed responsibility for the Conduent data breach, asserting that they stole over 8 terabytes of data during the intrusion.

CHINA BANS US AND ISRAELI CYBERSECURITY FIRMS OVER NATIONAL SECURITY CONCERNS: REPORT

Ticker Security Last Change Change %
CNDT CONDUENT INC 1.48 -0.02 -1.33%

In a filing with the Securities and Exchange Commission (SEC) last fall, Conduent stated that its investigation confirmed the breach involved a significant amount of personal information associated with its clients’ end-users. The company has since notified its government and private sector clients about the affected individuals.

Shot from the Back to Hooded Hacker Breaking into Corporate Data Servers from His Underground Hideout. Place Has Dark Atmosphere, Multiple Displays, Cables Everywhere.

The SafePay ransomware group claimed responsibility for the Conduent data breach. (iStock)

In its September 30, 2025, filing, Conduent stated that it is collaborating with clients on the necessary steps mandated by federal and state law, including individual and regulatory notifications that began in October 2025 and are expected to conclude by early 2026.

TEXAS GOV ABBOTT ADDS POPULAR CHINESE ELECTRONICS, ONLINE SHOPPING COMPANIES TO ‘PROHIBITED’ TECH LIST

In a statement to FOX Business, Conduent mentioned, “Working in conjunction with our clients, we expect to send out all of the consumer notifications by April 15. Additionally, a dedicated call center has been established to address consumer inquiries. Currently, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.”

The company further stated that “given the nature and complexity of the data involved, Conduent worked diligently with a dedicated review team, including internal and external experts, and conducted a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process.”

Hacker computer monitors

Conduent stated that it expects to send all consumer notifications by April 15. (iStock)

GET FOX BUSINESS ON THE GO BY CLICKING HERE

“Both Conduent and our third-party experts monitor the dark web regularly and have no evidence of any personal information being released on the dark web,” the statement concluded.