Data Breaches

Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed

The Conduent data breach affects at least 25 million individuals, up from 10 million estimated a few months ago. 

Volvo Group ransomware data breach

Truck, bus and industrial equipment maker Volvo Group North America is one of the several major companies impacted by a recent data breach at business services provider Conduent.

Conduent detected an intrusion on its network on January 13, 2025, and an investigation revealed that the hackers had access to its network since October 21, 2024. The attackers obtained personal information such as names, addresses, SSNs, dates of birth, health insurance data, and medical information.

The Safepay ransomware group took credit for the attack on Conduent in February 2025.

In recent notifications sent to impacted individuals on behalf of Volvo Group, Conduent indicated that it provides printing/mailroom, document processing, payment integrity, and other back-office support services to the companies affected by the data breach.

In the case of Volvo Group, the company told the Maine Attorney General that nearly 17,000 employees are affected. Volvo appears to have learned about the incident only in January 2026.

Based on data breach notifications submitted by Conduent in October 2025 to attorney general’s offices in various US states, the incident appeared to impact roughly 10 million individuals

Advertisement. Scroll to continue reading.

However, recent updates shared by the company with AGs indicate that the data breach affects more than twice as many people as initially believed. For instance, in Texas the number of affected individuals has increased from 4 million to 15 million. In addition, more than 10 million people from Oregon are also affected.

Conduent has yet to share any updates with the Maine AG, which requires companies to specify the total number of individuals impacted by a cybersecurity incident. In October, the company told the Maine AGO that 374 of the state’s residents had been impacted, but did not share the total number.

This is not the only third-party data breach affecting Volvo Group in recent months. In September 2025, the truck maker notified employees of a breach at Miljödata, a Swedish IT company that had been hit by ransomware. 

UPDATE: After this article was published Conduent provided the following statement to SecurityWeek:

As previously disclosed in its April 2025 Form 8-K filing with the SEC, in January 2025, Conduent discovered that it was the victim of a cybersecurity incident.  With respect to that incident, Conduent has agreed to send notification letters, on behalf of its customers, to individuals whose personal information may have been affected by this incident.  In addition, a dedicated call center has been set up to address consumer inquiries. At this time, Conduent has no evidence of any attempted or actual misuse of any information potentially affected by this incident.

Upon discovery of the incident, Conduent acted quickly to secure its networks, restore its systems and operations, notify law enforcement, and conduct an investigation with the assistance of third-party forensics experts.    In addition, given the nature and complexity of the data involved, Conduent has been working diligently with a dedicated review team, including internal and external experts, to conduct a detailed analysis of the affected files to identify the personal information contained therein, which was a time-intensive process.

Conduent takes this matter seriously and regrets any inconvenience this incident may have caused.

Related: European Commission Investigating Cyberattack

Related: Flickr Security Incident Tied to Third-Party Email System

Related: Substack Discloses Security Incident After Hacker Leaks Data

Related Content

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Data Breaches

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

Data Breaches

HackerOne, Huntress, Jamf, OneTrust, Recorded Future, Snyk, and Tanium are among the affected Klue customers.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version