Security Week

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

Ionut Arghire April 15, 2025 2 min read

Business services provider Conduent has notified the Securities and Exchange Commission (SEC) that personal information was stolen in a disruptive cyberattack in January this year.

The incident was disclosed publicly after Oklahoma Human Services and the Department of Children and Families in Wisconsin reported disruptions caused by network issues at Conduent. Roughly 10 days later, the company said it had restored all the impacted systems.

In a fresh filing with the SEC, Conduent said it was able to restore normal operations “within days, and in some cases, hours,” noting that the incident did not have a material impact on operations.

However, the company also revealed that “the threat actor exfiltrated a set of files associated with a limited number of the company’s clients,” and that the files contained “a significant number of individuals’ personal information associated with our clients’ end-users”.

Responding to a SecurityWeek inquiry, Conduent revealed that the compromised personal information includes names, addresses, and Social Security numbers.

“The company continues its efforts to understand the full nature and scope of that affected data and will partner with its affected clients to provide appropriate notifications under the law,” Conduent said.

Conduent also noted that a third-party has confirmed that its environment is secure and that there has been “no further known malicious activity since the incident.”

The business services provider has not disclosed details about the cyberattack but the Safepay ransomware gang publicly added the company to its Tor-based leak site in February.

Advertisement. Scroll to continue reading.

“To the company’s knowledge, the exfiltrated data has not been released on the dark web or otherwise publicly,” Conduent told the SEC, which suggests that it might have negotiated with the attackers to prevent the data leak.