- Compliance violation far larger than initially reported, now affecting tens of millions of people in several US states
- Data includes names, SSNs, medical and insurance details; Texas alone has 15.4 million victims, Oregon more than 10 million
- Ransomware group SafePay claimed responsibility, claiming to have stolen 8.5TB of data, although Conduent remains silent beyond boilerplate claims.
The recent data breach at Conduent now appears to have been much larger than initially thought, affecting tens of millions of people.
Conduent is a leading government contractor that works with more than 600 government entities worldwide, including those at the state, local and federal levels. It also serves the majority of Fortune 100 companies and operates large-scale transportation and tolling systems. In fact, it claims to support “6 of the 10 largest U.S. toll systems” through toll transaction processing infrastructure.
In late October 2025, the company confirmed that it had suffered a data breach in January of that year and said the initial investigation put the number of people affected at around four million. The stolen data included people’s names, social security numbers, medical data and health insurance information. However, the data stolen varies from person to person.
Half of Texas affected
At the time, reports examined the stolen data and claimed that more than 10 million people were affected, and while closer to what Conduent was saying, they still seemed to miss the mark.
New TechCrunch one report claims that in Texas alone, 15.4 million people are affected, or about half of the state’s total population. According to the Oregon Attorney General’s Office, the state has more than 10 million people affected. Additionally, Conduent apparently contacted “hundreds of thousands” of people in Delaware, Massachusetts, New Hampshire and other states.
The company itself makes no statement other than the standard one it sends to the press. Therefore, it is not yet clear how many people are actually affected.
A ransomware operation known as SafePay took responsibility for this attack, claiming to have stolen 8.5TB of data. SafePay isn’t as popular as LockBit or RansomHub, but it has hit a few prominent names, including Ingram Micro.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
