Massive Conduent Data Breach Impacts Millions

Got story updates? Submit your updates here. ›

A massive data breach at Conduent Business Services, a company that provides third-party printing, mailroom services and back-office support services for major corporations, has impacted over 10 million people across the United States. The breach, which occurred between October 2024 and January 2025, exposed sensitive information including Social Security numbers, addresses, and medical data.

Why it matters

This breach is significant due to the sheer scale of impacted individuals and the sensitive nature of the compromised data, which could lead to widespread identity theft and fraud. It also raises concerns about third-party vendor security and the need for stronger data protection regulations.

The details

Conduent discovered the cyber attack on January 13, 2025, and the investigation determined that hackers had access to the sensitive data for nearly three months. The breach has affected people in several states, including Georgia, South Carolina, New Jersey, New Hampshire, Maine, Massachusetts and New Mexico. Affected individuals are being offered free credit monitoring for one year, but must sign up by the April 30, 2026 deadline.

• The breach occurred between October 21, 2024 and January 13, 2025.
• Conduent discovered the cyber attack on January 13, 2025.
• Affected individuals must sign up for free credit monitoring by April 30, 2026.

What’s next

Officials stress that people should not throw away the notification letters, as this is a legitimate data breach and not a scam. Those who want the free credit monitoring must follow the information provided in their specific letter to sign up before the April 30 deadline.