- Conduent breach uncovered information of greater than 10 million individuals, together with delicate well being and identification info
- The assault lasted virtually three months; SafePay ransomware group claimed accountability
- The methods had been restored and secured; The authorities and affected states had been notified.
Conduent has confirmed the lack of delicate buyer information in a January 2025 cyberattack, probably affecting as much as 10 million individuals.
The firm, which helps organizations automate and handle large-scale operations, has filed information breach notices with the lawyer basic’s places of work of a number of US states, detailing the incident.
“On January 13, 2025, we found that we had been victims of a cyber incident that affected a restricted portion of our community,” the announcement reads. “Our investigation determined that an unauthorized third party accessed our environment from October 21, 2024 to January 13, 2025 and obtained some files.”
SafePay claims accountability for the assault
Examining the info,The file claims that risk actors stole information from greater than 10 million individuals.
Conduent is a serious authorities contractor that reportedly works with greater than 600 authorities entities world wide, together with these on the state, native, and federal ranges.
It additionally serves most Fortune 100 firms and manages large-scale tolling and transportation methods. In reality, it claims to assist “6 of the 10 largest toll systems in the US.” by way of a toll transaction processing infrastructure.
Stolen info varies from state to state and individual to individual. The file says that in Texas, greater than 400,000 individuals had been affected, whose Social Security numbers (SSN), medical info and medical health insurance information had been uncovered.
People in Washington (76,000), South Carolina (48,000) and New Hampshire (10,000) had been additionally uncovered.
“Upon discovering the incident, we safely restored our methods and operations and notified authorities,” the corporate stated. “This compromise was shortly contained and our technological atmosphere is presently thought of freed from recognized malicious exercise, as confirmed by our third-party safety consultants.”
A ransomware operation often called SafePay took accountability for this assault and claimed it stole 8.5TB of knowledge. SafePay is not as in style as LockBit or RansomHub, nevertheless it did discover some notable names, together with Ingram Micro.
Through The file