π΄ Website π https://u-s-news.com/
Telegram π https://t.me/usnewscom_channel
At least 25 million Americans β including roughly half of Texasβ population β were swept up in a massive data breach at tech firm Conduent, exposing sensitive information such as Social Security numbers and health insurance data.
Conduent, the New Jersey-based government and business technology contractor, was targeted by hackers in an attack that began in October 2024 and went undetected for nearly three months before being discovered on Jan. 13 of last year.
The ransomware attack is now coming into sharper focus as states continue to uncover how many people were affected.
Texas alone revised its number from 4 million people who may have been affected to 15.4 million β a staggering 285% increase.
In Oregon, an estimated 10.5 million people may have had their sensitive data exposed in the breach.
Hundreds of thousands of other victims in states like Delaware, Massachusetts and New Hampshire are also thought to have been affected.
The breach has also sparked a wave of litigation, with multiple class action lawsuits consolidated in federal court in New Jersey accusing Conduent of failing to adequately safeguard sensitive personal and health data and waiting months to notify victims after discovering the intrusion.
A plaintiffsβ steering committee was appointed in December to oversee the litigation, which could expose Conduent to significant damages, regulatory penalties and long-term fallout with state government clients.
Conduent operates critical backend systems for state governments nationwide, handling everything from Medicaid claims and eligibility systems to child support payments, food assistance and unemployment insurance.
The company works with agencies in 46 states and supports government healthcare programs serving about 120 million people, processing more than 500 million Medicaid claims each year and disbursing tens of billions of dollars annually in public benefits.
The attack was carried out by the SafePay ransomware group, which publicly claimed responsibility and said it siphoned roughly 8.5 terabytes of data from Conduentβs systems during the months-long intrusion.
SafePay listed Conduent on its dark web leak site in February 2025 and threatened to publish the data if a ransom was not paid, though Conduent has not said whether it engaged with the hackers.
Neither Conduent nor SafePay has confirmed the ransom demand amount, and the company has not publicly stated whether any payment was made.
Conduent said it acted quickly to secure its networks, restore its systems and operations, notify law enforcement, and conduct an investigation with the assistance of third-party forensics experts.
βBoth Conduent and our third-party experts monitor the dark web regularly and have no evidence of any personal information being released on the dark web,β the company said in a statement.
Conduent is a publicly owned company whose stock is listed on the Nasdaq. In 2018, the stock eclipsed $23 a share but has shed 90% of its value since then. As of Monday, it was trading at around $1.50 a share.