itstargetnews
See what you click on FoxBusiness.com.
A data breach that affected a major government technology contractor is now believed to be significantly larger than originally thought, with more than 25 million Americans affected.
Conduent, an enterprise technology company that provides a variety of services such as medical billing, toll transactions and prepaid card processing for government programs, experienced a data breach that began in October 2024 and was mitigated in January 2025.
The company started last October informing consumers who were affected by the breach, which was believed to have affected more than 10 million people who had their names, Social Security numbers and medical information exposed.
Newly released data breach reports have pushed the number of people affected in Texas to at least 15.4 million, up from a previous estimate of 4 million that was released in October, according to a report. TechCrunch report.
10 Million Americans Hit in Data Breach by GOVERNMENT CONTRACTOR
Conduent has been working on the process of notifying customers and consumers about the data breach. (Michael Nagle/Bloomberg via Getty Images)
Additionally, Oregon’s attorney general said more than 10 million people were affected by the breach, and Conduent has contacted “hundreds of thousands” of people in Delaware, Massachusetts, New Hampshire and other states, according to TechCrunch’s review of breach notifications.
A ransomware group known as SafePay claimed responsibility for the Conduent data breach and claimed to have stolen more than 8 terabytes of data over the course of the breach.
CHINA BANNS US, ISRAELI CYBERSECURITY COMPANIES OVER NATIONAL SECURITY CONCERNS: REPORT
| Ticker | security | last | change | % change |
|---|---|---|---|---|
| CNDT | CONDUENT INC | 1.48 | -0.02 |
-1.33% |
Conduent said in a presentation with the Securities and Exchange Commission (SEC) last fall that its investigation of the breach “confirmed that the datasets contained a significant number of personal information of individuals associated with our customers’ end users,” and notified its government and private sector customers about the affected end users.
Ransomware group SafePay claimed responsibility for the Conduent data breach. (iStock)
The company added on September 30, 2025, saying it is working with customers on the next steps required by federal and state law “including individual and regulatory filings that began in October 2025 and are expected to be completed in early 2026.”
TEXAS GOV ABBOTT ADDS POPULAR CHINESE ELECTRONICS, ONLINE SHOPPING COMPANIES TO ‘Banned’ TECH LIST
In a statement provided to FOX Business, Conduent said that “Working in conjunction with our customers, we expect to send all notifications to consumers by April 15th. Additionally, a dedicated call center has been established to handle consumer inquiries. At this time, Conduent has no evidence of any attempted or actual use of any information potentially affected by this incident.”
The company said in its statement that “given the nature and complexity of the data involved, Conduent worked diligently with a dedicated review team, including internal and external experts, and conducted a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process.”
Conduent said it expects to send all notifications to consumers by April 15. (iStock)
GET THE FOX BUSINESS ANYWHERE CLICK HERE
“Both Conduent and our external experts monitor the dark web regularly and have no evidence of any personal information being posted on the dark web,” the statement said.
