2 months ago
22
A information breach astatine authorities exertion elephantine Conduent appears to impact acold much radical than archetypal disclosed, with the fig of victims perchance stretching to dozens of millions of radical crossed the United States.
The January 2025 ransomware attack, which knocked retired Conduent’s operations for respective days, is present known to impact astatine slightest 15.4 cardinal radical successful Texas alone, accounting for astir fractional of the state’s population. Conduent said successful October that 4 cardinal radical crossed the authorities were affected.
Another 10.5 cardinal radical are affected crossed Oregon, per the state’s lawyer general.
Conduent has besides notified hundreds of thousands of radical crossed Delaware, Massachusetts, New Hampshire, and different states, according to information breach notifications seen by TechCrunch.
The stolen information includes individuals’ names, Social Security numbers, aesculapian information and wellness security information.
One of the largest authorities contractors today, Conduent handles and processes ample amounts of idiosyncratic and delicate accusation connected behalf of ample corporations, authorities departments, and several U.S. states. The institution says its exertion and operational enactment services scope much than 100 cardinal radical successful the United States crossed assorted authorities healthcare programs.
When contacted with respective questions astir the information breach, Conduent spokesperson Sean Collins provided a boilerplate connection that did not code the questions, nor did they reply if Conduent knows however galore individuals are affected by the cyberattack. The spokesperson would not accidental if the breach affects much than 100 cardinal people.
Collins said that the institution has been moving to “conduct a elaborate investigation of the affected files to place the idiosyncratic information” taken successful the breach, but would not accidental however galore information breach notifications the institution has sent retired to date.
Little other is known astir the breach, and the institution has disclosed fewer details. Conduent disclosed the cyberattack successful April, months aft hackers knocked retired the company’s systems, which resulted successful outages to authorities services crossed the United States.
The Safeway ransomware pack took credit for the breach, claiming to person stolen implicit 8 terabytes of data.
In a aboriginal SEC filing, the institution said that the stolen information sets “contained a important fig of individuals’ idiosyncratic accusation associated with our clients’ end-users,” referring to its firm and authorities customers.
Conduent besides said it is continuing to notify individuals whose information was stolen successful the breach, and plans to reason alerting individuals by aboriginal 2026. The institution did not springiness a much circumstantial timeline.
Do you cognize much astir the Conduent cyberattack? You tin interaction Zack Whittaker connected Signal via the username zackwhittaker.1337 oregon by email: zack.whittaker@techcrunch.com.
English (US) ·