Over 10 Million Affected in Government Contractor Conduent Data Breach
A significant data breach involving Conduent, a major government contractor, has impacted over 10 million individuals. This incident, which happened between October 21 and January 13, allowed hackers to infiltrate the company’s network. Conduent manages a range of government programs, including Medicaid, and provides essential technology services across various states.
Details of the Data Breach
Conduent reported the breach to multiple states, revealing that sensitive information had been compromised. The exposed data includes social security numbers, medical information, and health insurance details. The company has initiated an investigation and has cooperated with law enforcement.
Number of Affected Individuals by State
- Texas: 400,000 individuals
- Washington: 76,000 individuals
- South Carolina: 48,000 individuals
- New Hampshire: 10,000 individuals
- Maine: 378 individuals
Additional breach notices were sent to residents in Oregon, Massachusetts, and California. Conduent aims to notify all affected individuals through breach notification letters and set up a dedicated call center to answer inquiries.
Company’s Response and Impact
Following the discovery of the breach, Conduent restored its systems and operations. The company emphasized a “disciplined recovery” approach, which resulted in temporary service disruptions. Many customers faced payment processing challenges during this time.
In the last fiscal quarter, Conduent reported revenues of $754 million. Additionally, the company disclosed that it has incurred approximately $2 million in expenses related to the breach response.
Cybersecurity Implications
The breach was connected to a cyber attack claimed by the SafePay ransomware group, which asserted it had stolen 8.5 terabytes of data. Conduent stated that, to date, this data has not been made available on the dark web.
To assess the impact of the breach, Conduent engaged cybersecurity experts. These specialists are evaluating the nature, scope, and validity of the exposed data. The company intends to utilize its cyber insurance policy to mitigate some of the financial repercussions of this event.
As authorities continue investigations, Conduent remains focused on ensuring the security of its systems and restoring public trust.
