FLORHAM PARK, N.J.--A cyberattack on Conduent Business Services has exposed the personal data of more than 25 million Americans, making it potentially the largest data breach in U.S. history, according to security analysts.
Conduent operates back-end systems for state governments nationwide, processing Medicaid claims and eligibility systems that support child support payments, food assistance and unemployment insurance. According to PYMNTS, compromised data may include names, addresses, dates of birth, Social Security numbers, health insurance details and other protected health information.
The breach occurred between Oct. 21, 2024, and Jan. 13, 2025, with public notice issued Jan. 22, 2025, according to the state filing cited by PYMNTS. Conduent said it discovered the cyber incident Jan. 13 and immediately secured its network and engaged third-party forensic experts to investigate.
Texas Attorney General Ken Paxton has since issued civil investigative demands to Conduent and Blue Cross Blue Shield of Texas, seeking documents related to the breach and compliance with state law, PYMNTS reported. Paxton described the incident as “likely the largest breach in U.S. history,” adding that Texans deserve accountability regarding the handling of their health information.
Blue Cross Blue Shield of Texas confirmed it was affected because Conduent provides mailroom, payment and other back-office support services, according to an update cited by PYMNTS, underscoring the broad downstream impact on health plan members.