Conduent Data Breach Exposes Millions in Largest U.S. Healthcare Incident

Conduent Business Services suffered a massive data breach from October 21, 2024, to January 13, 2025. Ransomware group Safepay claims responsibility for stealing 8+ terabytes containing names, Social Security numbers, medical histories, and insurance details. Notifications now reach over 25 million Americans across multiple states. Texas AG investigation calls it potentially the largest healthcare breach in U.S. history.

Unauthorized access hit a limited network segment for three months. Discovery on January 13, 2025, triggered immediate containment with forensic experts. Government payment processing and benefits administration faced brief disruptions. Systems restored within days.

BEST WINTER DEALS

Editor's Choice

Private Internet Access

Access content across the globe at the highest speed rate.

70% of our readers choose Private Internet Access

70% of our readers choose ExpressVPN

ExpressVPN

Browse the web from multiple devices with industry-standard security protocols.

Nord VPN

Faster dedicated servers for specific actions (currently at summer discounts)

April 2025 SEC 8-K filing first disclosed exfiltration of client files. Initial scope underestimated dramatically. Texas notifications jumped from 4 million to 15.4 million affected. Oregon reports 10.5 million impacted. Total now exceeds Change Healthcare’s 2024 breach numbers.

Safepay posted proof on dark web leak site early 2025. Conduent confirms personal data exposure but not ransomware attribution or exact volume. Notification letters began late 2025, continuing through mid-April 2026.

Texas Attorney General Ken Paxton launched investigation February 2026. $25 million in response costs accrued by Q1 2025. Cyber insurance covers notification expenses.

Breach Timeline Table

Government contractor status amplifies breach significance. Payment processing for federal agencies exposed. Healthcare claims data spans multiple states comprehensively.

Sample notification admits unauthorized party obtained client files. Affected data varies by victim. No evidence of misuse reported. Dedicated hotline: 855-291-2608.

Safepay specializes in healthcare targets. 260+ victims claimed previously. Conduent represents highest-profile hit to date. Dark web monitoring shows no public data dumps yet.

Exposed Data Elements

• Full names and addresses
• Social Security numbers
• Medical histories and diagnoses
• Health insurance details
• Government benefits information

Enterprises face regulatory waves post-breach. HIPAA, state laws trigger compliance costs. Third-party risk management demands reevaluation immediately.

Individual Protection Steps

• Place fraud alerts with Equifax, Experian, TransUnion
• Freeze credit files to block new account openings
• Monitor medical claims for unauthorized billing
• Enable credit monitoring through Conduent’s offered services
• Watch for phishing claiming breach-related “assistance”
• Contact 855-291-2608 for notification questions

Conduent processes payments for government clients nationwide. Single point failure exposes millions across agencies. Vendor risk assessments must prioritize data processors now.

State AG portals track ongoing notifications. Texas investigation may expand to multi-state coordination. Safepay leak site activity bears watching closely.

FAQ