Business services provider Conduent disclosed that unauthorized actors accessed and stole personal information, including names and Social Security numbers, during a January 2024 cybersecurity incident.
In a Form 8-K filing with the Securities and Exchange Commission (SEC), Conduent revealed that attackers gained access to a "limited portion" of the company's IT environment on January 13. The breach led to service disruptions affecting government agencies across multiple U.S. states, impacting systems used for child support payments and food assistance programs.
The company, which provides technology services to state governments including California, Florida, Texas and Virginia, confirmed that threat actors exfiltrated files containing personal data belonging to clients' end-users. While investigating the full scope of compromised information, Conduent engaged cybersecurity experts to analyze the stolen data.
According to the SEC filing, the company swiftly implemented its cybersecurity response protocols and restored affected systems within days. While Conduent faces substantial one-time costs related to breach notifications, it reported no major operational impacts. The company maintains cyber insurance coverage and has notified federal law enforcement.
Though technical details about the attack remain undisclosed, security experts suspect ransomware involvement. Notably, this marks Conduent's second major security incident in recent years, following a 2020 breach by the Maze ransomware group.
The company stated that the stolen data has not appeared on dark web forums or been publicly released. Conduent continues to analyze the extent of the breach and is in the process of notifying impacted clients.