Conduent ransomware breach allegedly affects millions across states

The ransomware attack on government technology giant Conduent has turned out to be much larger than first reported. What initially seemed like a limited incident now appears to be affecting tens of millions of people across multiple states. In Texas alone, the data of at least 15.4 million residents may have been compromised. Oregon reported another 10.5 million individuals affected. Notices were also sent to hundreds of thousands of people in states such as Delaware, Massachusetts and New Hampshire. If you rely on government health care programs or government services, your data could be part of this breach.

Sign up for my free CyberGuy reportGet the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter

What we know about the hack so far

149 million passwords were exposed in a massive credential leak

What started as a “limited” ransomware incident now appears to be affecting tens of millions of people across multiple states. (Sebastian Kahnert/Image Alliance via Getty Images)

The cyber attack occurred in January 2025, and the Safeway ransomware gang later claimed responsibility, saying it had stolen more than 8 terabytes of data. Conduent first publicly disclosed the incident in April, months after hackers crippled its systems and caused an outage in government services across the country.

The company initially said about 4 million people In Texas They were affected. That number has since jumped to 15.4 million, nearly half the state’s population. Oregon’s attorney general reported another 10.5 million affected residents. Combined with other countries that have issued notifications, the total could reach tens of millions.

Stolen data includes names, Social Security numbers, Medical informationAnd health insurance details. This combination is particularly dangerous because it can be used for identity theft, medical fraud, and highly targeted scams.

It processes data for large companies, government agencies, and government healthcare programs. The company says its systems support services for more than 100 million people nationwide. However, it has not been confirmed whether the breach affects multiple individuals.

In a filing with the Securities and Exchange Commission, Conduent admitted that the stolen data included a “substantial amount” of individuals’ personal information associated with the end users of its clients, that is, people who rely on government agencies and corporate services that the company supports.

Ransomware attack exposes Social Security numbers at major gas station chain

Why this violation is particularly troubling

Unlike a retail breach, where credit card data may be exposed, this incident involves highly sensitive personal and medical information. Social Security numbers and health records are long-term identifiers. You cannot simply cancel or replace it like a debit card.

Healthcare-related data is especially valuable on the black market because it can be used to file fraudulent insurance claims, obtain prescription drugs, or open financial accounts. Because Conduent works behind the scenes for state agencies, many people may not realize that their data was stored by the company in the first place.

Conduent said it is still in the process of notifying affected individuals and expects to complete those notifications by early 2026. The company did not provide a clearer timeline or confirm how many total people will eventually be alerted. Many people may wait months before finding out whether their information has been compromised.

Conduent is responding to a January 2025 data breach

We reached out to Conduent for comment, and a company spokesperson provided CyberGuy with the following statement:

“As previously disclosed in the Form 8-K it filed in April 2025 with the SEC, in January 2025, Conduent discovered that it had been the victim of a fraud. Cyber ​​security incident. In connection with this incident, Conduent has agreed to send notification letters, on behalf of its customers, to individuals whose personal information may have been affected by this incident. Working together with our customers, we expect to send all customer notifications by April 15. In addition, a dedicated call center has been established to address customer inquiries. At this time, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.

“Upon discovery of the incident, Conduent acted quickly to secure its networks, restore its systems and operations, notify law enforcement, and conduct an investigation with the assistance of third-party forensic experts. Additionally, given the nature and complexity of the data involved, Conduent diligently worked with a dedicated review team, including internal and external experts, and conducted a detailed analysis of the affected files to determine the personal information contained within them, a time-consuming process.”

“Both Conduent and our third-party experts regularly monitor the Dark Web and have no evidence of any personal information being published on the Dark Web.

“Rest assured, we have followed all the correct protocols and have assured our customers that we have secured the necessary data. Conduent is working with law enforcement and takes this matter very seriously. We apologize for any inconvenience this incident may have caused.”

How can I check if my information has been sold on the dark web?

To check if your information has been sold on the dark web, you can go to hasibeenpwned.com And enter your email address in the search bar. The website will look to see what your data exists and show if there are data breaches associated with your email address on different sites.

If you find that your data is on the web, remove it using a file Data removal service. Check out my top picks for data removal services and get a free check to see if your personal information really exists on the web by visiting Cyberguy.com

The hackers claim to have stolen more than 8 terabytes of data, including Social Security numbers and sensitive medical information. (Philip Dolian/Image Alliance via Getty Images)

8 steps you can take to protect yourself after a Conduent hack

When a breach involves Social Security numbers and medical data, you have to think long term. Here’s what you should do.

1) Place a credit freeze

A credit freeze prevents lenders from opening new accounts in your name without your consent. It’s free and can be placed with Equifax, Experian, and TransUnion. This is one of the strongest protections you can implement after an SSN exposure. You can temporarily raise it if you need to apply for credit.

2) Monitor your credit reports regularly

You are entitled to free credit reports from all three major bureaus. Look for unfamiliar accounts, credit inquiries, or address changes. Early detection makes it easier to stop fraud before it gets worse.

3) Use a password manager

If attackers obtain personal details like your name and email, they may attempt to launch credential stuffing attacks against your other accounts. A password manager creates strong, unique passwords for each account, so one hack doesn’t unlock everything else. Many password managers also include breach alerts if your credentials appear in known leaks.

Also check if your email has been exposed in previous breaches. Our #1 password manager (see Cyberguy.com) Choice includes a built-in penetration scanner that checks if your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

4) Secure your email account first

Your email account is the gateway to almost everything. Protect it with a strong password and two-factor authentication. Review your recovery settings and recent login activity to make sure nothing has changed.

5) Enable two-factor authentication everywhere possible

Two-factor authentication (2FA) adds another barrier, even if someone has your password. Use an authenticator app instead of SMS whenever possible for stronger protection.

6) Install powerful antivirus software

Strong antivirus software can help block malicious links, phishing attempts, and ransomware. After a major breach occurs, fraudsters often target victims with subsequent attacks pretending to offer assistance or compensation. Security software adds another layer of protection.

Get my picks for the best antivirus protection winners of 2026 for Windows, Mac, Android, and iOS at Cyberguy.com

7) Consider identity theft protection

Identity theft services monitor your Social Security number, financial accounts, and even dark web marketplaces. If your information is misused, they can quickly alert you and help you recover faster. When social safety nets are exposed, constant monitoring becomes especially important.

Check out my tips and top picks on how to protect yourself from identity theft at Cyberguy.com

8) Reduce your digital footprint with a data removal service

Fraudsters often combine breach data with personal details found on data brokers’ websites. Our data removal service removes your phone number, address, and other exposed information from hundreds of databases. While no service can erase everything, reducing what is publicly available makes targeted fraud more difficult.

Check out my top picks for data removal services and get a free check to see if your personal information really exists on the web by visiting Cyberguy.com

Since Conduent supplies government and healthcare services behind the scenes, many affected people may not realize that their data is stored there. (Thomas Trotschl/Photothek via Getty Images)

Get a free check to see if your personal information is already on the web: Cyberguy.com

Key takeaway for Kurt

The ongoing hack highlights a growing risk that many people never expect. When major government contractors are hit, millions can be affected at once. Because these companies work behind the scenes, you may not realize that they hold your data. If your information is disclosed, taking action now can prevent long-term damage. The sooner you secure things, the harder it will be for criminals to take advantage of your data.

Click here to download the FOX NEWS app

Do you think? Companies that process government data Are they doing enough to protect him? Let us know your thoughts by writing to us at Cyberguy.com

Sign up for my free CyberGuy report Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter

Copyright 2026 CyberGuy.com. All rights reserved.