Govtech services provider Conduent reported a significant expansion of a data breach occurring between October 2024 and January 2025. The number of affected individuals in Texas alone reached 15.4 million. This figure represents a substantial increase from the initial total estimate of 10.5 million people. The breach impacts individuals enrolled in various government health and welfare programs.
The SafePay ransomware group claimed responsibility for the incident. Compromised data includes Social Security numbers and dates of birth. The breach also exposed sensitive medical records and insurance details.
Conduent expects to incur $25 million in breach-related costs by the first quarter of 2026. These expenses will cover victim notifications and other recovery services. The company currently faces multiple class-action lawsuits stemming from the event. Management warned of potential future financial fallout from additional litigation and regulatory actions.