By rssfeeds-admin 
Notification letters started arriving this month to millions of affected Americans. An unauthorized intruder accessed systems from October 21, 2024, to January 13, 2025, stealing files with personal data for tens of millions.
Conduent’s April 2025 SEC filing first revealed the incident, but recent state reports show wider impact: 15.4 million in Texas alone (up from 4 million initially), 10.5 million in Oregon, and more elsewhere.
Estimates now top 25 million victims, ranking it among 2025’s biggest breaches, though smaller than Change Healthcare’s 193 million cases in 2024.
Ransomware Group Claims Responsibility
The Safepay ransomware group took credit on its dark web leak site in early 2025. It boasted of exfiltrating over 8 terabytes, some posts claim 8.5 TB of sensitive data, including names, Social Security numbers, addresses, medical histories, and health insurance details.
Conduent confirmed data theft but has not verified the ransomware link or exact volume. The group, known for hitting over 73 victims and infecting 260 systems, targets high-value sectors like healthcare and government.
No public data dumps have surfaced yet, but the claim underscores rising third-party risks. Texas Attorney General Ken Paxton opened a probe in February 2026, calling it potentially the largest U.S. healthcare breach ever.
Conduent reports $25 million in response costs, covered partly by insurance, with no major operational hits.
Timeline of the Incident
- October 21, 2024 – January 13, 2025: Hacker lurks in a limited network segment, exfiltrating client files undetected.
- January 13, 2025: Conduent detects breach, faces brief disruptions in mailroom, payments, and benefits services. Experts contain it fast, restore systems, and alert law enforcement.
- April 9, 2025: SEC 8-K filing discloses “threat actor” stole personal data for client end-users; no dark web leaks then.
- Late 2025 – February 2026: Client notifications roll out; full consumer alerts due by mid-April 2026.
Sample letters note no misuse, evidence, and list stolen elements like names and health data. Call 855-291-2608 for help.
Stay alert for identity theft. Monitor credit reports weekly via AnnualCreditReport.com. Add fraud alerts or freezes at Equifax, Experian, and TransUnion.
Use unique passwords, enable MFA everywhere, and watch for phishing emails tied to the breach. Conduent regrets the worry and runs a support hotline.
This case spotlights vulnerabilities in government contractors. Expect more details as probes continue. Check state AG portals for updates.
Follow us on Google News, LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google
The post Conduent Data Breach Becomes Largest in U.S. History After Ransomware Group Steals 8 TB appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.