10M Americans hit in government contractor data breach

Data breaches deed each benignant of business, from hospitals to tech firms to large retailers. Now a starring authorities contractor has joined that list.

Conduent, which manages captious nationalist services crossed the United States, says hackers infiltrated its systems for astir 3 months. The cyberattack exposed idiosyncratic accusation linked to much than 10 cardinal people.

All astir the Conduent breach and its scale

Conduent discovered the intrusion successful January 2025 and said hackers had infiltrated its web arsenic aboriginal arsenic Oct. 21, 2024. During this period, attackers reportedly stole ample amounts of information linked to state-level programs specified arsenic Medicaid, kid support, nutrient assistance and toll systems. Conduent claims that its probe recovered nary ongoing malicious enactment and said operations were safely restored aft the breach was contained.

Conduent manages exertion and outgo systems for dozens of U.S. authorities governments, processing astir $85 cardinal successful yearly disbursements and handling implicit 2 cardinal lawsuit work interactions each year. According to its ain estimates, it supports astir 100 cardinal residents done assorted authorities wellness and payment programs.

MAJOR DATA BROKER HACK IMPACTS 364,000 INDIVIDUALS’ DATA

Hackers accessed Conduent’s web for astir 3 months, exposing delicate information from large authorities programs similar Medicaid and kid support. (Felix Zahn/Photothek via Getty Images)

The institution reported that astatine slightest 400,000 radical successful Texas were affected, with compromised information including Social Security numbers, aesculapian records and wellness security details. Other affected states see Washington, South Carolina, New Hampshire, Maine, Oregon, Massachusetts and California. Notifications are being sent to each impacted individuals, and a dedicated telephone halfway has been established to reply questions astir the breach.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you'll get instant entree to my Ultimate Scam Survival Guide — escaped erstwhile you articulation my CYBERGUY.COM newsletter.

How the Conduent breach unfolded

In January, Conduent described the lawsuit arsenic an "operational disruption caused by a third-party compromise." The breach led to respective days of downtime, disrupting captious services successful aggregate states. In Wisconsin, for instance, parents and beneficiaries were incapable to process payments owed to strategy outages, leaving galore struggling to conscionable obligations related to kid enactment and payment programs.

The SafePay ransomware radical aboriginal claimed work for the attack, alleging it had stolen 8.5 terabytes of data. Conduent confirmed successful a Securities and Exchange Commission (SEC) filing that hackers had so exfiltrated files belonging to a constricted fig of clients. The institution says it hired cybersecurity experts to analyse the stolen information and precocious confirmed that it contained important amounts of idiosyncratic accusation from end-users crossed aggregate programs.

Despite the monolithic theft, Conduent said determination is presently nary grounds that the stolen information has been published online oregon connected acheronian web marketplaces.

HACKERS TARGET ONLINE STORES WITH NEW ATTACK

We reached retired to Conduent for a comment, and a rep for the institution provided CyberGuy with the pursuing statement:

"As antecedently disclosed successful its April 2025 Form 8-K filing with the SEC, successful January 2025, Conduent discovered that it was the unfortunate of a cybersecurity incident.  With respect to that incident, Conduent has agreed to nonstop notification letters, connected behalf of its customers, to individuals whose idiosyncratic accusation whitethorn person been affected by this incident.  In addition, a dedicated telephone halfway has been acceptable up to code user inquiries. At this time, Conduent has nary grounds of immoderate attempted oregon existent misuse of immoderate accusation perchance affected by this incident.

"Upon find of the incident, Conduent acted rapidly to unafraid its networks, reconstruct its systems and operations, notify instrumentality enforcement and behaviour an probe with the assistance of third-party forensics experts. In addition, fixed the quality and complexity of the information involved, Conduent has been moving diligently with a dedicated reappraisal team, including interior and outer experts, to behaviour a elaborate investigation of the affected files to place the idiosyncratic accusation contained therein, which was a time-intensive process. Conduent takes this substance earnestly and regrets immoderate inconvenience this incidental whitethorn person caused."

6 steps you tin instrumentality to support yourself from Conduent information breach

If your accusation whitethorn person been exposed successful the Conduent breach oregon immoderate akin information leak, you're not without defenses. There are respective steps you tin instrumentality close present to trim the risks.

The cyberattack disrupted captious nationalist services crossed aggregate states, with immoderate families temporarily incapable to process benefits oregon payments. (Kurt "CyberGuy" Knutsson)

1) Consider a idiosyncratic information removal service

Data brokers cod and merchantability idiosyncratic accusation specified arsenic your name, location address, telephone fig and relatives' names. This information tin beryllium utilized for scams oregon societal engineering attacks. Personal information removal services find these records crossed dozens of sites and taxable takedown requests connected your behalf.

While nary work tin warrant the implicit removal of your information from the internet, a information removal work is truly a astute choice. They aren’t cheap, and neither is your privacy. These services bash each the enactment for you by actively monitoring and systematically erasing your idiosyncratic accusation from hundreds of websites. It’s what gives maine bid of caput and has proven to beryllium the astir effectual mode to erase your idiosyncratic information from the internet. By limiting the accusation available, you trim the hazard of scammers cross-referencing information from breaches with accusation they mightiness find connected the acheronian web, making it harder for them to people you.

Check retired my apical picks for information removal services and get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com.

Get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web: Cyberguy.com.

HACKERS STEAL MEDICAL RECORDS AND FINANCIAL DATA FROM 1.2M PATIENTS IN MASSIVE HEALTHCARE BREACH

2) Monitor your accounts regularly

After a large information breach, 1 of the astir effectual ways to support yourself is to enactment alert. Check your slope and recognition paper statements each fewer days for antithetic transactions, adjacent tiny ones. Watch your payment accounts oregon taxation filings for irregular activity. Early detection gives you clip to frost accounts oregon halt fraudulent charges earlier they escalate.

3) Install a reputable antivirus program

Antivirus bundle is your archetypal enactment of defence against cyber threats that often travel ample breaches. Stolen information tin beryllium utilized to motorboat targeted phishing attacks oregon dispersed malware done fake links and emails. A reliable antivirus solution actively scans for malicious activity, blocks suspicious downloads and keeps your devices harmless from newer online threats done automatic updates.

The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe.

Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices astatine Cyberguy.com.

OVER 8M PATIENT RECORDS LEAKED IN HEALTHCARE DATA BREACH

4) Enable two-factor authentication (2FA)

Even if your login credentials are compromised, two-factor authentication (2FA) tin halt attackers from getting in. It requires an further codification sent to your phone, email, oregon authentication app, making unauthorized entree astir impossible. Enable 2FA connected your banking, email and government-related accounts, arsenic these often clasp the astir delicate information.

5) Use a password manager

Many breaches hap due to the fact that radical reuse the aforesaid password crossed aggregate websites. A password manager eliminates that hazard by creating and storing strong, unsocial passwords for each account.

Next, spot if your email has been exposed successful past breaches. Our #1 password manager (see Cyberguy.com) prime includes a built-in breach scanner that checks whether your email code oregon passwords person appeared successful known leaks. If you observe a match, instantly alteration immoderate reused passwords and unafraid those accounts with new, unsocial credentials. 

Check retired the champion expert-reviewed password managers of 2025 astatine Cyberguy.com

Conduent says the stolen files contained important amounts of idiosyncratic information, but has recovered nary signs the information has surfaced online oregon connected acheronian web marketplaces. (Kurt Knutsson)

6) Consider an individuality theft extortion service

Identity theft extortion services show your idiosyncratic information crossed aggregate sources, including the acheronian web and nationalist records. Identity Theft companies tin show idiosyncratic accusation similar your Social Security Number (SSN), telephone fig and email address, and alert you if it is being sold connected the acheronian web oregon being utilized to unfastened an account. They tin besides assistance you successful freezing your slope and recognition paper accounts to forestall further unauthorized usage by criminals. 

See my tips and champion picks connected however to support yourself from individuality theft astatine Cyberguy.com.

Kurt's cardinal takeaway

Even though Conduent claims the stolen information hasn't surfaced online, that doesn't mean it's safe. Data exfiltration connected this standard has semipermanent implications, from individuality theft to imaginable fraud wrong nationalist payment systems. The existent trial volition beryllium however some Conduent and its authorities partners accommodate their cybersecurity oversight to forestall akin breaches. Because astatine this point, the question isn't whether these systems volition beryllium targeted again, but whether they'll beryllium immoderate amended prepared erstwhile it happens.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Do you deliberation authorities contractors handling delicate accusation should look stricter cybersecurity regulations? Let america cognize by penning to america astatine Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide — escaped erstwhile you articulation my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.