The fallout from a January 2025 ransomware attack on US government contractor Conduent has widened, with fresh disclosures indicating that more than 25 million Americans have now had personal data compromised. The scale of the breach places it among the largest cyber incidents in recent US history, raising renewed concerns about the vulnerability of critical service providers that manage sensitive public records.
Conduent, which provides printing, mailroom, document processing, and payment services for state benefit programmes including food assistance and unemployment support, handles data for a vast cross section of the US population. The company says its operational and technology services reach over 100 million people. However, since the ransomware group claimed responsibility for the attack earlier this year, Conduent has released limited details about how the breach occurred or the full scope of those affected.
An update on the state of Wisconsin’s data breach notification portal indicates the incident has impacted at least 25 million individuals nationwide. Separate tallies compiled from official notification letters show that Oregon and Texas account for the bulk of affected residents, with 10.5 million and 15.4 million individuals respectively. Additional notices have surfaced in Massachusetts, New Hampshire, and Washington, affecting hundreds of thousands more.
Compromised information is understood to include names, dates of birth, residential addresses, Social Security numbers, health insurance details, and certain medical data. Despite the breadth of exposure, Conduent has faced criticism for what observers describe as limited transparency. A webpage titled “Incident Notice,” published in October 2025, does not explicitly reference a cybersecurity breach and contains coding instructions that prevent search engines from indexing it, making it harder for the public to locate through online searches.
While the Conduent incident has been described as one of the largest ever recorded, it still trails the 2024 ransomware attack on Change Healthcare, which exposed data of more than 190 million people. That earlier breach, attributed to a Russian speaking ransomware group, involved the theft of extensive health records after attackers exploited credentials that lacked multi factor authentication. The latest disclosures underscore the escalating risks posed by ransomware actors targeting entities that sit at the heart of government and healthcare infrastructure.