American enterprise companies large and authorities contractor Conduent disclosed in the present day that consumer knowledge was stolen in a January 2025 cyberattack.
Conduent is a enterprise companies firm that gives digital platforms and options for presidency and industrial purchasers in transportation, healthcare, buyer expertise, and human sources.
The corporate has over 33,000 workers and offers companies to half of Fortune 100 corporations and over 600 authorities and transportation companies.Â
In January, the firm suffered a cyberattack that impacted clients’ operations throughout the U.S., together with native authorities companies.
In a brand new FORM-8K submitting with the SEC in the present day, Conduent has now confirmed that menace actors had stolen information containing details about the corporate’s clients.
“As a part of its ongoing investigation, the Firm decided that the menace actor exfiltrated a set of information related to a restricted variety of the Firm’s purchasers.” reads the 8-Ok submitting.
“As a result of complexity of the information, the Firm engaged cybersecurity knowledge mining consultants to guage the exfiltrated knowledge and was lately knowledgeable of its nature, scope and validity, confirming that the info units contained a major variety of people’ private data related to our purchasers’ end-users.”
“The Firm is constant to additional analyze and doc the exact and detailed impression of the info exfiltrated, and purchasers are being knowledgeable as acceptable in an effort to decide subsequent steps as required by federal and state legislation.”
Conduent says there aren’t any indications that the stolen knowledge has been printed on the darkish internet or in one other public method. BleepingComputer has additionally not been capable of finding any ransomware gangs or menace actors leaking or providing the info on the market.
The corporate says that the assault has not had any materials impression on its operations, but it surely has incurred bills within the first quarter associated to the assault.
Conduct beforehand suffered a breach in 2020, when the Maze ransomware gang encrypted the corporate’s gadgets and stole company knowledge.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and easy methods to defend in opposition to them.
