CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Conduent Data Breach Affects Millions

First reported
Last updated
3 unique sources, 5 articles

Summary

Hide ▲

Conduent, a business services provider, has confirmed that a data breach in 2024 impacted over 10.5 million individuals. The breach, initially disclosed in January 2025, affected government agencies in multiple US states. The attackers accessed Conduent's network on October 21, 2024, and were evicted on January 13, 2025. The compromised data includes names, addresses, dates of birth, Social Security numbers, health insurance details, and medical information. Conduent serves over 600 government and transportation organizations, and roughly half of Fortune 100 companies. The company has not provided an exact number of affected individuals, but breach notices indicate at least 10.5 million people were impacted, with the largest number in Oregon (10.5 million) and over 4 million in Texas. The Safepay ransomware group claimed responsibility for the attack in February 2025 and claimed to have stolen 8.5TB of data. Conduent provides services to several other states where specific data breach figures aren't published, potentially increasing the actual impact. As of October 24, 2025, there is no evidence that the stolen data has been misused. Additionally, Volvo Group North America disclosed that nearly 17,000 customers and/or staff had their personal details exposed in the Conduent data breach. Conduent is sending notifications to impacted parties, offering free membership to identity monitoring services for at least a year, along with credit and dark web monitoring, and identity restoration. Volvo Group North America has recently suffered a new data breach caused by a third-party supplier, Miljödata, exposing staff data such as full names and Social Security Numbers. The breach at Miljödata in August 2025 exposed the information of 1.5 million people, including Volvo Group employees in Sweden and the U.S. Ingram Micro, a major IT services provider, revealed a ransomware attack in July 2025 that affected over 42,000 individuals. The SafePay ransomware group was behind this attack, claiming to have stolen 3.5TB of documents. The attack triggered a massive outage and highlighted SafePay's growing activity as a significant ransomware threat.

Timeline

  1. 10.02.2026 19:04 1 articles · 6h ago

    Volvo Group North America affected by Conduent breach

    Volvo Group North America disclosed that nearly 17,000 customers and/or staff had their personal details exposed in the Conduent data breach. Conduent is sending notifications to impacted parties, offering free membership to identity monitoring services for at least a year, along with credit and dark web monitoring, and identity restoration.

    Show sources
    Open in new tab
  2. 10.02.2026 19:04 1 articles · 6h ago

    Volvo Group North America suffers new data breach

    Volvo Group North America has recently suffered a new data breach caused by a third-party supplier, Miljödata, exposing staff data such as full names and Social Security Numbers. The breach at Miljödata in August 2025 exposed the information of 1.5 million people, including Volvo Group employees in Sweden and the U.S.

    Show sources
    Open in new tab
  3. 19.01.2026 15:33 2 articles · 22d ago

    Ingram Micro ransomware attack affects 42,000 individuals

    Ingram Micro suffered a ransomware attack on its systems in July 2025, affecting over 42,000 individuals. The SafePay ransomware group was behind the attack, claiming to have stolen 3.5TB of documents. The attack triggered a massive outage and highlighted SafePay's growing activity as a significant ransomware threat.

    Show sources
    Open in new tab
  5. 30.10.2025 15:01 4 articles · 3mo ago

    Conduent Data Breach Affects Millions

    The breach impacted over 4 million individuals in Texas, 76,000 in Washington, and several hundred in Maine. The Safepay ransomware group claimed to have stolen 8.5TB of data. Conduent has filed with various state attorney general offices regarding the data breach. Conduent has previously disclosed that the breach affects 10.5 million people in Oregon and another 15.5 million in Texas.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Under Armour Investigates Data Breach After 72 Million Records Allegedly Exposed

Under Armour is investigating a data breach after 72 million customer records were allegedly exposed online by the Everest ransomware group. The breach reportedly occurred in November 2025, with data including email addresses, personal information, and purchase details being published on a hacking forum in January 2026. Under Armour has confirmed the investigation and stated that there is no evidence the breach affected payment systems or customer passwords. Additionally, Iron Mountain, a data storage and recovery services company, reported a breach by the Everest group, which was limited to marketing materials and did not involve customer confidential or sensitive information.

Open in new tab

700Credit Data Breach Exposes 5.8 Million Records via Compromised API

700Credit, a major credit report and identity verification service, disclosed a data breach affecting 5,836,521 individuals. The breach, linked to a compromised third-party API, occurred between May and October 2025. Hackers accessed personal information, including names, addresses, dates of birth, and Social Security numbers, through a partner's system compromised in July 2025. The incident was contained to the 700Dealer.com application layer, and the company is offering affected individuals 12 months of free credit monitoring and identity restoration services. 700Credit began notifying impacted dealership clients on November 21 and will notify affected individuals starting December 22. The company has collaborated with the National Automobile Dealers Association (NADA) and reported the incident to the Federal Trade Commission (FTC), FBI, and various state attorney general offices. 700Credit serves over 23,000 automotive, RV, Powersports, and Marine dealer customers. The breach was due to a failure to validate consumer reference IDs against the original requester, and the attacker exfiltrated around 20% of consumer data. 700Credit revealed the breach in a notification to the Maine Office of the Attorney General (OAG) and advised affected customers to place a fraud alert and security freeze on their credit file.

Open in new tab

Marquis Software Solutions Ransomware Attack Exposes Data from 74 US Financial Institutions

Marquis Software Solutions, a financial software provider, suffered a ransomware attack on August 14, 2025, through a compromised SonicWall firewall. The breach impacted over 74 US banks and credit unions, exposing personal information of approximately 400,000 customers. The stolen data includes names, addresses, phone numbers, Social Security numbers, financial account information, and dates of birth. Marquis has since taken steps to enhance its security measures, but there is no evidence of data misuse or publication. The attack is suspected to be linked to the Akira ransomware gang, which has been targeting SonicWall VPN devices.

Open in new tab

Coupang Data Breach Exposes 33.7 Million Customer Records

Coupang, a South Korean e-commerce platform, confirmed a data breach affecting 33.7 million customers, including names, emails, phone numbers, physical addresses, and order information. The breach, initially detected on June 24, 2025, but discovered on November 18, 2025, was traced to an overseas unauthorized access. The Seoul Metropolitan Police identified a suspect, a former Coupang employee from China, who has left South Korea. The breach did not expose payment information or login credentials. Coupang has blocked the access route and strengthened internal monitoring. The police are investigating potential vishing or smishing activities related to the breach. On December 10, 2025, Coupang's CEO, Park Dae-jun, stepped down, taking full responsibility for the data breach and the company's response. Harold Rogers, the current chief administrative officer and general counsel based in Seattle, has been appointed as interim CEO. The Seoul Metropolitan Police raided Coupang's headquarters on December 9, 2025, to search for internal documents and records related to the breach. South Korea's Personal Information Protection Commission (PIPC) ordered Coupang to revise its liability exemption clause for data breaches and simplify its membership cancellation process. The suspect is a 43-year-old Chinese national who joined Coupang in November 2022 and left in 2024. The police are gathering records such as internal documents, logs, system records, IP addresses, user credentials, and access histories. The incident has sparked high-volume phishing activity in South Korea, affecting roughly two-thirds of its population, and the police have received hundreds of reports of Coupang impersonation since the start of the month. Coupang announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers affected by the data breach. The compensation will be provided gradually, starting on January 15, 2026, to all Coupang customers, including WOW and non-WOW members, as well as those who canceled their membership. Each customer will receive four single-use purchase vouchers totaling 50,000 won (around $34). Coupang contacted the former employee directly earlier this month, met with them, and recovered their desktop computer's hard drives containing the sensitive data. A MacBook Air laptop belonging to the suspect was recovered from a river, where they disposed of it in an attempt to destroy evidence. The perpetrator accessed 33 million accounts but retained user data from approximately 3,000. The former employee did not transfer any of this data to others and subsequently deleted it from his devices. Investors in Coupang who suffered substantial losses following a cyber-attack are being urged to join plaintiffs in a class action lawsuit led by US-based law firm Hagens Berman. The breach has led to a $1.2bn compensation plan and a loss of over $8bn in market value for Coupang. Hagens Berman is investigating potential security failures made by the retailer, including inadequate protocols that allowed a former employee to retain access to sensitive customer information.

Open in new tab

Merkle Breach Exposes Employee and Client Data

Merkle, a US-based subsidiary of Dentsu, experienced a cyberattack resulting in the theft of sensitive employee and client data. The breach was detected through unusual network activity, prompting an incident response and investigation. The stolen data includes bank details, payroll information, and personal contact details. Merkle has notified affected individuals and law enforcement, and is offering credit monitoring and Dark Web monitoring to impacted employees. The nature of the attack remains unknown, but it may involve data extortion or ransomware. The incident highlights the ongoing threat of data theft and the importance of robust incident response protocols.

Open in new tab