Massive Conduent Data Breach Exposes Tens of Millions Across U.S. States
A cyberattack on government technology contractor Conduent has resulted in a far larger data breach than initially reported, potentially affecting tens of millions of Americans. The incident, first disclosed in April 2024, occurred after hackers disrupted the company’s systems, causing widespread outages in government services.
Newly released data reveals that 15.4 million people in Texas nearly half the state’s population had their personal information compromised, a sharp increase from the 4 million initially reported in October. In Oregon, 10.5 million individuals were affected, while hundreds of thousands more in Delaware, Massachusetts, New Hampshire, and other states also had their data exposed. The stolen information includes names, Social Security numbers, medical records, and health insurance details.
Conduent, a major provider of government and corporate technology services, processes sensitive data for over 100 million people through healthcare programs and other public-sector contracts. Despite the scale of the breach, the company has not confirmed the total number of affected individuals or whether the incident impacted more than 100 million people. A spokesperson declined to answer key questions, including how many breach notifications have been sent.
The Safeway ransomware group claimed responsibility for the attack, asserting it exfiltrated over 8 terabytes of data. In an SEC filing, Conduent acknowledged that the stolen datasets contained personal information of end users but did not provide a clear timeline for completing notifications, stating only that the process would continue into early 2026. The full extent of the breach and its long-term impact remain unclear.
Source: https://mezha.net/eng/bukvy/massive-data-breach-at-conduent-exposes-millions-across-us-states/
Conduent cybersecurity rating report: https://www.rankiteo.com/company/conduent
Texas Health Resources cybersecurity rating report: https://www.rankiteo.com/company/texas-health-resources
Delaware North cybersecurity rating report: https://www.rankiteo.com/company/delaware-north
"id": "CONTEXDEL1770338879",
"linkid": "conduent, texas-health-resources, delaware-north",
"type": "Ransomware",
"date": "2/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Tens of millions of Americans',
'industry': 'Technology/IT Services',
'location': 'U.S.',
'name': 'Conduent',
'size': 'Major provider (processes data for over 100 '
'million people)',
'type': 'Government technology contractor'},
{'customers_affected': '15.4 million',
'location': 'Texas, U.S.',
'name': 'Texas residents',
'size': '15.4 million people',
'type': 'Individuals'},
{'customers_affected': '10.5 million',
'location': 'Oregon, U.S.',
'name': 'Oregon residents',
'size': '10.5 million people',
'type': 'Individuals'},
{'customers_affected': 'Hundreds of thousands',
'location': 'Delaware, U.S.',
'name': 'Delaware residents',
'size': 'Hundreds of thousands',
'type': 'Individuals'},
{'customers_affected': 'Hundreds of thousands',
'location': 'Massachusetts, U.S.',
'name': 'Massachusetts residents',
'size': 'Hundreds of thousands',
'type': 'Individuals'},
{'customers_affected': 'Hundreds of thousands',
'location': 'New Hampshire, U.S.',
'name': 'New Hampshire residents',
'size': 'Hundreds of thousands',
'type': 'Individuals'}],
'customer_advisories': 'Breach notifications to continue into early 2026',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Over 8 terabytes of data '
'(potentially 100+ million '
'individuals)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information, medical records)',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Medical records',
'Health insurance details']},
'date_publicly_disclosed': '2024-04',
'description': 'A cyberattack on government technology contractor Conduent '
'has resulted in a far larger data breach than initially '
'reported, potentially affecting tens of millions of '
'Americans. The incident, first disclosed in April 2024, '
'occurred after hackers disrupted the company’s systems, '
'causing widespread outages in government services. The stolen '
'information includes names, Social Security numbers, medical '
'records, and health insurance details.',
'impact': {'data_compromised': 'Names, Social Security numbers, medical '
'records, health insurance details',
'downtime': 'Widespread outages in government services',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Safeway'},
'references': [{'source': 'SEC filing'}],
'response': {'communication_strategy': 'Breach notifications to continue into '
'early 2026'},
'threat_actor': 'Safeway ransomware group',
'title': 'Massive Conduent Data Breach Exposes Tens of Millions Across U.S. '
'States',
'type': 'Data Breach'}