A knowledge breach at authorities know-how big Conduent seems to have an effect on much more individuals than first disclosed, with the variety of victims doubtlessly stretching to dozens of thousands and thousands of individuals throughout america.
The January 2025 ransomware assault, which knocked out Conduent’s operations for several days, is now identified to have an effect on at the least 15.4 million individuals in Texas alone, accounting for about half of the state’s inhabitants. Conduent mentioned in October that 4 million individuals throughout the state had been affected.
One other 10.5 million individuals are affected throughout Oregon, per the state’s lawyer common.
Conduent has additionally notified a whole bunch of 1000’s of individuals throughout Delaware, Massachusetts, New Hampshire, and different states, in line with information breach notifications seen by TechCrunch.
The stolen information contains people’ names, Social Safety numbers, medical information, and medical insurance data.
One of many largest authorities contractors right this moment, Conduent handles and processes massive quantities of non-public and delicate data on behalf of enormous firms, authorities departments, and several U.S. states. The corporate says its know-how and operational assist companies attain greater than 100 million individuals in america throughout varied authorities healthcare applications.
When contacted with a number of questions concerning the information breach, Conduent spokesperson Sean Collins offered a boilerplate assertion that didn’t deal with the questions, nor did they reply if Conduent is aware of what number of people are affected by the cyberattack. The spokesperson wouldn’t say if the breach impacts greater than 100 million individuals.
Collins mentioned that the corporate has been working to “conduct an in depth evaluation of the affected recordsdata to determine the non-public data” taken within the breach however wouldn’t say what number of information breach notifications the corporate has despatched out up to now.
Little else is thought concerning the breach, and the corporate has disclosed few particulars. Conduent disclosed the cyberattack in April, months after hackers knocked out the corporate’s methods, which resulted in outages to authorities companies throughout america.
The Safeway ransomware gang took credit for the breach, claiming to have stolen over 8 terabytes of knowledge.
In a later SEC filing, the corporate mentioned that the stolen datasets “contained a major variety of people’ private data related to our shoppers’ end-users,” referring to its company and authorities prospects.
Conduent additionally mentioned it’s persevering with to inform people whose information was stolen within the breach, and plans to conclude alerting people by early 2026. The corporate didn’t give a extra particular timeline.
Have you learnt extra concerning the Conduent cyberattack? You may contact Zack Whittaker on Sign through the username zackwhittaker.1337 or by electronic mail: [email protected].
