post-thumb

Data breach reveals personal information of 25 million Americans

A significant data breach involving Conduent, a major government technology contractor, has been confirmed to affect over 25 million Americans, far exceeding initial estimates. The breach, which began in October 2024 and was addressed by January 2025, initially reported around 10 million individuals impacted, including exposure of personal data such as names, Social Security numbers, and medical information.

Recent reports indicate that the number of affected individuals in Texas alone has surged to approximately 15.4 million, up from the previously reported 4 million. The Oregon attorney general has also indicated that more than 10 million people are affected in that state, with notifications sent to numerous residents across Delaware, Massachusetts, New Hampshire, and others.

The ransomware group SafePay has claimed responsibility for the breach, asserting that they stole over 8 terabytes of data during their intrusion. Conduent has stated that it is actively notifying clients and consumers regarding the breach and has established a dedicated call center for inquiries. The company is working to complete individual and regulatory notifications by April 15, 2026.

In a filing with the Securities and Exchange Commission, Conduent emphasized the extensive nature of the data involved and the complexities surrounding the identification of affected personal information. As of now, the company has not found evidence of misuse of the compromised data, although they continue to monitor the situation closely, including the dark web, for any indications of data release.

Share: