10M Americans hit in government contractor data breach

15 Nov 2025 By foxnews

Data breaches hit every kind of business, from hospitals to tech firms to major retailers. Now a leading government contractor has joined that list.

Conduent, which manages critical public services across the United States, says hackers infiltrated its systems for nearly three months. The cyberattack exposed personal information linked to more than 10 million people.

Conduent discovered the intrusion in January 2025 and said hackers had infiltrated its network as early as Oct. 21, 2024. During this period, attackers reportedly stole large amounts of data linked to state-level programs such as Medicaid, child support, food assistance and toll systems. Conduent claims that its investigation found no ongoing malicious activity and said operations were safely restored after the breach was contained.

Conduent manages technology and payment systems for dozens of U.S. state governments, processing roughly $85 billion in annual disbursements and handling over 2 billion customer service interactions every year. According to its own estimates, it supports around 100 million residents through various government health and welfare programs.

MAJOR DATA BROKER HACK IMPACTS 364,000 INDIVIDUALS' DATA

The company reported that at least 400,000 people in Texas were affected, with compromised data including Social Security numbers, medical records and health insurance details. Other affected states include Washington, South Carolina, New Hampshire, Maine, Oregon, Massachusetts and California. Notifications are being sent to all impacted individuals, and a dedicated call center has been established to answer questions about the breach.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my CYBERGUY.COM newsletter.

In January, Conduent described the event as an "operational disruption caused by a third-party compromise." The breach led to several days of downtime, disrupting vital services in multiple states. In Wisconsin, for instance, parents and beneficiaries were unable to process payments due to system outages, leaving many struggling to meet obligations related to child support and welfare programs.

The SafePay ransomware group later claimed responsibility for the attack, alleging it had stolen 8.5 terabytes of data. Conduent confirmed in a Securities and Exchange Commission (SEC) filing that hackers had indeed exfiltrated files belonging to a limited number of clients. The company says it hired cybersecurity experts to analyze the stolen data and recently confirmed that it contained significant amounts of personal information from end-users across multiple programs.

Despite the massive theft, Conduent said there is currently no evidence that the stolen data has been published online or on dark web marketplaces.

HACKERS TARGET ONLINE STORES WITH NEW ATTACK

We reached out to Conduent for a comment, and a rep for the company provided CyberGuy with the following statement:

"As previously disclosed in its April 2025 Form 8-K filing with the SEC, in January 2025, Conduent discovered that it was the victim of a cybersecurity incident. With respect to that incident, Conduent has agreed to send notification letters, on behalf of its customers, to individuals whose personal information may have been affected by this incident. In addition, a dedicated call center has been set up to address consumer inquiries. At this time, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.

"Upon discovery of the incident, Conduent acted quickly to secure its networks, restore its systems and operations, notify law enforcement and conduct an investigation with the assistance of third-party forensics experts. In addition, given the nature and complexity of the data involved, Conduent has been working diligently with a dedicated review team, including internal and external experts, to conduct a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process. Conduent takes this matter seriously and regrets any inconvenience this incident may have caused."

If your information may have been exposed in the Conduent breach or any similar data leak, you're not without defenses. There are several steps you can take right now to reduce the risks.

Data brokers collect and sell personal information such as your name, home address, phone number and relatives' names. This data can be used for scams or social engineering attacks. Personal data removal services find these records across dozens of sites and submit takedown requests on your behalf.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

HACKERS STEAL MEDICAL RECORDS AND FINANCIAL DATA FROM 1.2M PATIENTS IN MASSIVE HEALTHCARE BREACH

After a major data breach, one of the most effective ways to protect yourself is to stay alert. Check your bank and credit card statements every few days for unusual transactions, even small ones. Watch your benefit accounts or tax filings for irregular activity. Early detection gives you time to freeze accounts or stop fraudulent charges before they escalate.

Antivirus software is your first line of defense against cyber threats that often follow large breaches. Stolen data can be used to launch targeted phishing attacks or spread malware through fake links and emails. A reliable antivirus solution actively scans for malicious activity, blocks suspicious downloads and keeps your devices safe from newer online threats through automatic updates.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

OVER 8M PATIENT RECORDS LEAKED IN HEALTHCARE DATA BREACH

Even if your login credentials are compromised, two-factor authentication (2FA) can stop attackers from getting in. It requires an additional code sent to your phone, email, or authentication app, making unauthorized access nearly impossible. Enable 2FA on your banking, email and government-related accounts, as these often hold the most sensitive information.

Many breaches happen because people reuse the same password across multiple websites. A password manager eliminates that risk by creating and storing strong, unique passwords for every account.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

Identity theft protection services monitor your personal data across multiple sources, including the dark web and public records. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

Even though Conduent claims the stolen data hasn't surfaced online, that doesn't mean it's safe. Data exfiltration on this scale has long-term implications, from identity theft to potential fraud within public benefit systems. The real test will be how both Conduent and its government partners adapt their cybersecurity oversight to prevent similar breaches. Because at this point, the question isn't whether these systems will be targeted again, but whether they'll be any better prepared when it happens.

Do you think government contractors handling sensitive information should face stricter cybersecurity regulations? Let us know by writing to us at Cyberguy.com.