Conduent data breach expands, impacting over 25 million individuals in the US

A major ransomware attack on US government contractor Conduent has compromised the personal data of at least 25 million people, according to state breach notifications and an ongoing investigation by TechCrunch. The cyberattack, which occurred in January 2025, targeted one of the nation's largest providers of printing, mailroom, and document processing services for state benefit programmes.

Conduent handles sensitive information for government operations, including food assistance, unemployment, and workplace benefits, reaching over 100 million people. The stolen data includes individuals' full names, dates of birth, addresses, Social Security numbers, health insurance details, and medical records.

Scale of the Breach

An update to the state of Wisconsin’s data breach notification page confirms the national scale of the incident. TechCrunch's tally from various state notifications aligns with this figure, with Oregon (10.5 million) and Texas (15.4 million) accounting for the vast majority of affected individuals. Hundreds of thousands more victims have been identified in Massachusetts, New Hampshire, and Washington.

Despite the scale, Conduent has provided minimal public information about the cause of the breach or the total number of people impacted. A ransomware group claimed responsibility for the January attack.

Lack of Transparency and Hidden Notice

Conduent's communication has been criticised for its opacity. A company webpage titled "Incident Notice," published in October 2025 alongside its first data breach notifications, does not explicitly mention a cybersecurity incident. TechCrunch discovered a "noindex" tag in the page's source code, instructing search engines to exclude it from results and making it difficult for the public to find.

When contacted, Conduent spokesperson Sean Collins declined to specify how many notifications the company has issued or explain why the incident notice was hidden from search engines.

Context and Precedent

While billed as one of the largest breaches, it is likely smaller than the Change Healthcare hack of February 2024, which affected over 190 million people. In that incident, a Russian-speaking ransomware gang used a stolen credential without multi-factor authentication to steal health data, leading the company to pay at least two ransoms.

Conduent provides critical back-office technology and support services for state and corporate benefit programmes, placing it at the centre of a vast ecosystem handling Americans' most sensitive personal information.