The spillover from a ransomware assault on one of many largest authorities contractors in america retains getting larger: greater than 25 million individuals have now had private information stolen within the hack.
Conduent offers printing, mailroom companies, and doc and cost processing companies for state authorities profit operations, resembling meals help, in addition to office and unemployment advantages for giant companies. As such, the corporate handles a considerable amount of private data belonging to a big swath of america. Conduent says its expertise and operational assist companies attain greater than 100 million individuals.
However for the reason that January 2025 cyberattack assault, which a ransomware group claimed credit score for, the company big has stated little concerning the data breach, resembling the way it was brought on and the way many individuals are affected.
An replace to the state of Wisconsin’s data breach notification web page now exhibits the Conduent breach impacts no less than 25 million individuals throughout america.
information.killnetswitch’s ongoing tally from numerous data breach notification letters that we’ve got seen additionally quantities to about 25 million individuals, with Oregon (10.5 million) and Texas (15.4 million) accounting for almost all of these affected. Different data breach notices seen by information.killnetswitch embody one other few hundred thousand people throughout Massachusetts, New Hampshire and Washington.
The breach is understood to have compromised people’ names, dates of beginning, addresses, Social Safety numbers, medical health insurance data, and medical information.
Conduent has stated little outdoors of its data breach notifications, and in some instances has made it tougher for affected people to study concerning the breach.
Techcrunch occasion
Boston, MA
|
June 9, 2026
A web page on Conduent’s web site, titled “Incident Discover” that was printed in October 2025 concurrently its first data breach notification, doesn’t explicitly point out a cybersecurity incident. The web page comprises a hidden “noindex” tag in its supply code, which tells engines like google to not record the web page in search outcomes, making it tough for anybody looking out the online to seek out it.
When reached by information.killnetswitch, Conduent spokesperson Sean Collins wouldn’t say what number of notifications the corporate has despatched so far, or why the corporate is hiding its incident discover from engines like google.
Conduent’s breach has been billed as one of many “largest ever,” however doubtless trails behind the Change Healthcare hack, which affected greater than 190 million individuals following a ransomware assault in February 2024. A Russian-speaking ransomware gang stole reams of well being and medical information from Change Healthcare utilizing a stolen credential that wasn’t protected with multi-factor authentication, prompting the healthcare tech big to pay no less than two ransoms to maintain many of the stolen information off the web.
