Conduent data breach grows, affecting at least 25M people | TechCrunch
TechCrunch
by Zack WhittakerFebruary 24, 2026
AI-Generated Deep Dive Summary
Conduent, a major government contractor, has experienced a significant data breach following a ransomware attack in January 2024. The breach has affected over 25 million individuals, compromising sensitive personal information such as names, dates of birth, addresses, Social Security numbers, health insurance details, and medical records. Conduent, which provides critical services like document processing for government benefits and corporate payroll, handles vast amounts of data, making the breach particularly severe.
The attack was carried out by a Russian-speaking ransomware group, which exploited stolen credentials lacking multi-factor authentication (MFA). This breach follows another major incident at Change Healthcare in February 2024, which impacted over 190 million individuals. While Conduent's breach is substantial, it remains smaller than the healthcare giant's.
Conduent has faced criticism for its handling of the situation. The company's "Incident Notice" page includes a 'noindex' tag, preventing search engines from listing it and making it difficult for affected individuals to find information about the breach. This lack of transparency raises concerns about Conduent's commitment to addressing the issue and notifying those impacted.
The breach underscores critical issues in cybersecurity: the importance of MFA, transparency in data breach communication, and the need for robust security measures by companies handling vast amounts of sensitive data. For tech enthusiasts and professionals, this highlights the ongoing challenges in safeguarding systems against sophisticated cyberattacks and the necessity of proactive security strategies.
This incident serves as a reminder of the potential consequences of inadequate cybersecurity practices and the importance of clear communication during
Verticals
techstartups
Originally published on TechCrunch on 2/24/2026