SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack.

Business services provider Conduent has notified the Securities and Exchange Commission (SEC) that personal information was stolen in a disruptive cyberattack in January this year.

The incident was disclosed publicly after Oklahoma Human Services and the Department of Children and Families in Wisconsin reported disruptions caused by network issues at Conduent. Roughly 10 days later, the company said it had restored all the impacted systems.

In a fresh filing with the SEC, Conduent said it was able to restore normal operations “within days, and in some cases, hours,” noting that the incident did not have a material impact on operations.

However, the company also revealed that “the threat actor exfiltrated a set of files associated with a limited number of the company’s clients,” and that the files contained “a significant number of individuals’ personal information associated with our clients’ end-users”.

Responding to a SecurityWeek inquiry, Conduent revealed that the compromised personal information includes names, addresses, and Social Security numbers. 

“The company continues its efforts to understand the full nature and scope of that affected data and will partner with its affected clients to provide appropriate notifications under the law,” Conduent said. 

Conduent also noted that a third-party has confirmed that its environment is secure and that there has been “no further known malicious activity since the incident.” 

The business services provider has not disclosed details about the cyberattack but the Safepay ransomware gang publicly added the company to its Tor-based leak site in February. 

Advertisement. Scroll to continue reading.

“To the company’s knowledge, the exfiltrated data has not been released on the dark web or otherwise publicly,” Conduent told the SEC, which suggests that it might have negotiated with the attackers to prevent the data leak.

Related: Hertz Discloses Data Breach Linked to Cleo Hack

Related: PowerSchool Portal Compromised Months Before Massive Data Breach

Related: 18,000 Organizations Impacted by NTT Com Data Breach

Related: Breach at Schools Hit After Retirement Services Firm Hit by Ransomware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Security awareness training firm KnowBe4 has named Bryan Palma as president and CEO effective May 5.

Threat intelligence firm Team Cymru has appointed Joe Sander as its Chief Executive Officer.

Madhu Gottumukkala has been named Deputy Director of the cybersecurity agency CISA.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.