-
Conduent has just suffered a major data leak affecting more than 10 million customers.
-
According to the government contractor, the intrusion took place between October 21 last year and January 13, 2022.
-
Following the cyberattack, Conduent commenced recovery of its systems and operations in what the company characterized as a “disciplined recovery.”
US-based tech giant–and US government contracting firm Conduent suffered a data hack on its systems between last year October and January 2025. As a result of the hack, over 10 million customer details were exposed across several US states. Additionally, aside from individuals, notable firms were affected by the attack.
Details of the Conduent Data Breach
According to a recent Conduent filing, the firm noted that the attack took place in numerous states in the United States. Conduent originally confirmed the data breach in January 2025, after Wisconsin executives warned of delays in child support transactions.
As per the filing to the US Securities and Exchange Commission (SEC), Wisconsin was one of the states known to be affected by the service outage at the time.
The organization noted that crucial personal details of customers were exposed during the attack.
Conduent offers back-end processing, payment, and printing services to healthcare companies, insurance organizations, and state commissions.
As stated on its website, Conduent provides electronic payment card services to 37 US states; however, it remains unknown the total number of states impacted by the exploitation.
Data Breach Implications
Conduent later published its Q1 earnings report in May, revealing that it has suffered roughly $25 million in direct costs connected to breach response. Regardless of the company’s affirmation that it has insurance, the situation constituted a breach, and it is in the process of comprehensively reviewing the impact of the breach.
Previously, the US federal contractor has reported the hack to law enforcement and has engaged available third-party forensics firms. One is Palo Alto Networks and is also included in the investigation to provide objective oversight.
Conduent reported the attack to several states, disclosing that sensitive details had been exposed. Below are the details of customers impacted by the state:
- Oregon: 1,000,000+ victims
- Texas: 400,000 victims
- Montana: 200,000+ victims
- Washington: 76,000 victims
- South Carolina: 48,000+ victims
- New Hampshire: 10,000+ victims
- Maine: 378 victims
Furthermore, the firm sent breach notices to citizens in Massachusetts, Oregon, and California.
Companies Affected by the Conduent Data Hack
Notably, some leading customers have been affected by the attack, one of them being Premera Blue Cross. On Thursday, the health insurance company based in Washington acknowledged the effects of the Conduent data hack.
Some of the breached data may have included names of customers, Social Security numbers, dates of birth, claims numbers, and information about treatment. Regardless, Premera stated that the attack did not compromise any of its IT systems.
The firm further added that not every affected client had the same kind of data affected.
Another firm to be affected by the Conduent hack is the Wisconsin Child Support Trust Fund, which previously confirmed that it suffered from the breach. The organization noted that the hack had affected its ability to facilitate child support payments earlier in 2025.
As per the report, customers were later able to receive payment of funds through EBT cards or funds transfers.
Conduent reportedly reached out to the affected customers, offering complimentary credit monitoring and identity security services for exactly two years. The firm has explained that it is currently unaware of any attempted or actual abuse of the stolen credentials from the incident.
