Enterprise companies supplier Conduent is notifying tens of millions of those that their private info was stolen in a January 2025 information breach.
The incident was disclosed publicly in late January, when Conduent confirmed system disruptions that affected authorities businesses in a number of US states.
In April, the corporate notified the Securities and Change Fee (SEC) that the attackers had stolen private info from its methods.
Final week, Conduent began notifying customers that their private info was stolen within the incident, and submitted notices to Legal professional Basic’s Places of work in a number of states.
The hackers accessed Conduent’s community on October 21, 2024 and have been evicted on January 13, 2025, after the assault was recognized, the corporate says within the notification letter to the affected people.
Throughout the timeframe, the attackers exfiltrated numerous recordsdata from the community, together with recordsdata containing private info comparable to names, addresses, dates of delivery, Social Safety numbers, medical insurance particulars, and medical info.
Conduent isn’t offering the affected individuals with free id theft safety companies, however encourages them to acquire free credit score studies, place fraud alerts on their credit score recordsdata, and place safety freezes on their credit score studies.
“Upon discovery of the incident, we safely restored our methods and operations and notified legislation enforcement. We’re additionally notifying you in case you determine to take additional steps to guard your info do you have to really feel it applicable to take action,” the notification letter reads.Commercial. Scroll to proceed studying.
Based mostly on the breach notices submitted with the varied state authorities, it seems that not less than 4.5 million people have been impacted, with the biggest quantity in Texas (4 million). Nevertheless, the corporate has not offered a precise quantity.
Conduent serves over 600 authorities and transportation organizations, and roughly half of Fortune 100 corporations, throughout monetary, pharmaceutical, and car sectors. The corporate helps roughly 100 million US residents throughout 46 states.
Whereas the corporate has not shared particulars on the risk actor behind the assault, the Safepay ransomware group claimed the incident in February.
SecurityWeek has emailed Conduent for extra info and can replace this text if the corporate responds.
Associated: Toys ‘R’ Us Canada Buyer Info Leaked On-line
Associated: Prosper Knowledge Breach Impacts 17.6 Million Accounts
Associated: Hackers Steal Delicate Knowledge From Public sale Home Sotheby’s
Associated: On Demand: Menace Detection & Incident Response (TDIR) Summit
