Conduent faces lawsuits, Texas AG investigation over huge knowledge breach

A Morris County firm that gives administrative providers for companies and authorities companies has agreed to cooperate with investigators in search of details about a large knowledge breach that uncovered tens of millions of people’ delicate private and medical data.

Conduent Business Services, based mostly in Florham Park, first found that its community had been compromised in January 2025, in response to a discover on the corporate’s web site.

An inner investigation decided that hackers accessed the corporate’s community from Oct. 21, 2024, to Jan. 13, 2025, and obtained recordsdata that include people’ private data. The stolen data might embrace names, addresses, social safety numbers, dates of start, medical data, and medical insurance data.

“To date, there is no evidence that any underlying data has been misused, posted, or made publicly available, and we continue to monitor closely,” the corporate mentioned in a press release despatched to NJ.com.

It’s unclear precisely how many individuals had been affected, but it surely’s “a significant number,” in response to a disclosure type filed with the United States Securities and Exchange Commission.

The full scope and scale of the cyberattack continues to be being decided but it surely consists of tens of millions of individuals nationwide. A client safety alert from the Oregon Department of Justice reviews that 10.5 million people had been affected within the breach. A letter despatched to the New Hampshire Attorney General’s workplace reviews practically 11,000 affected residents within the Granite State. Down in Texas, state officers declare the cyberattack uncovered 4 million residents.

It’s unclear if any New Jerseyans had been impacted.

Conduent, a spin-off of Xerox, is a publicly traded firm that provides mailroom, cost, and different enterprise help providers. According to its web site, Conduent works with practically half of Fortune 100 firms and greater than 600 authorities and transportation companies. Among its shoppers are Humana, Blue Cross Blue Shield of Illinois, Blue Cross and Blue Shield of New Mexico and Blue Cross and Blue Shield of Texas.

Texas Attorney General Ken Paxton introduced final week his workplace was investigating the Conduent knowledge breach.

“The Conduent data breach was likely the largest breach in US history. If any insurance giant cut corners or has information that could help us prevent breaches like this in the future, I will work to uncover it,” Paxton mentioned in a press launch.

In a press release despatched to NJ.com, Conduent mentioned it could adjust to investigators.

“We look forward to working cooperatively with the Texas Attorney General’s Office to provide the relevant information, consistent with our longstanding practice of constructive engagement with regulators,” the corporate mentioned.

There’s additionally a pending class motion lawsuit towards Conduent in New Jersey federal courtroom stemming from the info breach. The consolidated litigation alleges the corporate didn’t implement fundamental safety measures, leaving tens of millions of people’ delicate private and medical data uncovered.

Conduent maintains that it acted promptly and in accordance with incident-response protocols to include and examine the incident.