At least 25 million Americans — including roughly half of Texas’ population — were swept up in a massive data breach at tech firm Conduent, exposing sensitive information such as Social Security numbers and health insurance data.
Conduent, the New Jersey-based government and business technology contractor, was targeted by hackers in an attack that began in October 2024 and went undetected for nearly three months before being discovered on Jan. 13 of last year.
The ransomware attack is now coming into sharper focus as states continue to uncover how many people were affected.
Texas alone revised its number from 4 million people who may have been affected to 15.4 million — a staggering 285% increase.
In Oregon, an estimated 10.5 million people may have had their sensitive data exposed in the breach.
Hundreds of thousands of other victims in states like Delaware, Massachusetts and New Hampshire are also thought to have been affected.
The breach has also sparked a wave of litigation, with multiple class action lawsuits consolidated in federal court in New Jersey accusing Conduent of failing to adequately safeguard sensitive personal and health data and waiting months to notify victims after discovering the intrusion.
A plaintiffs’ steering committee was appointed in December to oversee the litigation, which could expose Conduent to significant damages, regulatory penalties and long-term fallout with state government clients.
Conduent operates critical backend systems for state governments nationwide, handling everything from Medicaid claims and eligibility systems to child support payments, food assistance and unemployment insurance.
The company works with agencies in 46 states and supports government healthcare programs serving about 120 million people, processing more than 500 million Medicaid claims each year and disbursing tens of billions of dollars annually in public benefits.
The attack was carried out by the SafePay ransomware group, which publicly claimed responsibility and said it siphoned roughly 8.5 terabytes of data from Conduent’s systems during the months-long intrusion.
SafePay listed Conduent on its dark web leak site in February 2025 and threatened to publish the data if a ransom was not paid, though Conduent has not said whether it engaged with the hackers.
Neither Conduent nor SafePay has confirmed the ransom demand amount, and the company has not publicly stated whether any payment was made.
Conduent is a publicly owned company whose stock is listed on the Nasdaq. In 2018, the stock eclipsed $23 a share but has shed 90% of its value since then. As of Monday, it was trading at around $1.50 a share.
The Post has sought comment from Conduent.
