Here’s the latest on the Conduent data breach based on recent public reporting.
Short answer
- As of early 2026, reports indicate a large-scale breach connected to Conduent’s services affected tens of millions of individuals, with investigations tracing initial access to late 2024 and activity continuing into 2025, and formal notifications issued to affected people in late 2025. [cite1][cite2][cite3]
Background and timeline
- Initial intrusion reportedly began around October 21, 2024, with unauthorized access lasting until January 13, 2025, and data exfiltration tied to a broader event affecting clients and end users supported by Conduent [cite1][cite6].
- The breach was disclosed publicly in 2025, with notices and analyses indicating that data included personal identifiers such as names, addresses, dates of birth, Social Security numbers, and health/insurance information belonging to individuals associated with Conduent’s clients [cite1][cite2][cite7].
Scope of impact
- Reports from multiple outlets in late 2025 and early 2026 consistently describe the incident as affecting more than 10 million people, with some sources citing figures around 10.5 million and others suggesting broader exposure depending on the data sets involved [cite2][cite3][cite5][cite7].
- Conduent has engaged in incident response activities, including working with third-party forensic experts and notifying affected individuals—often coordinated through client organizations—about the data implicated in the breach [cite1][cite5][cite6].
Current status and guidance
- Affected individuals may have received breach notifications and should monitor for identity theft or healthcare-related fraud indicators, such as unfamiliar account activity, unexpected health insurance communications, or requests for additional personal information.
- If you believe you may be affected, consider steps such as placing fraud alerts or credit freezes, reviewing medical and insurance statements for anomalies, and enrolling in any offered credit/identity monitoring services.
Notes on sources
- The above reflects reporting from cybersecurity and tech-news outlets and industry press covering the Conduent incident through late 2025 and into 2026. If you want, I can pull the most recent public notices or provide a concise, per-state notification summary and include direct links. [cite1][cite2][cite3][cite5][cite6][cite7]
Would you like me to compile a state-by-state breakdown of affected notices or provide a checklist for monitoring and safeguarding your information if you suspect you were exposed?
Sources
/PRNewswire/ -- Schubert Jonckheer & Kolbe LLP is investigating a data breach that led to unauthorized access to the sensitive information of 10,515,849...
www.prnewswire.comYou could be one of more than 10 million people caught up in its recent data breach. Here's what to watch out for.
www.malwarebytes.comUsers who had their data stolen in a hack earlier this year are starting to receive notices from the company about what information the thieves took.
www.khou.comOver 10.5 million individuals were impacted by a widespread 2024 data breach at Conduent Business Services, with customer notifications issued in October 2025
www.infosecurity-magazine.comThe hackers stole names, addresses, dates of birth, Social Security numbers, and health and insurance information.
www.securityweek.comThe cyberattack, which affected several state agencies, has also impacted multiple insurance providers.
www.cybersecuritydive.comMassive ransomware attack on government contractor Conduent may have exposed data of tens of millions across multiple states including Texas and Oregon.
www.foxnews.comA business associate data breach has affected millions of individuals across several states, impacting beneficiaries of Blue Cross Blue Shield of Montana, Premera Blue Cross and more.
www.techtarget.comA data breach discovered in January at solution provider Conduent affected at least 10.5 million individuals, according to a disclosure posted by the Oregon Attorney General’s Office.
www.crn.com