You may be getting a notice that your personal info was leaked in a Conduent data breach. Here’s why

WASHINGTON — More than 10 million people are beginning to get notices from business services provider Conduent, telling them that they were affected by a January data breach that saw their personal information stolen from the company’s servers. 

Conduent provides a number of services for other companies and government agencies such as medical billing, automatic fee collection and Medicaid screening. 

In January 2025, the company had a service disruption that affected government agencies in several states. Months after the disruption, Conduent told the Securities and Exchange Commission that it had been attacked by hackers, who had stolen personal information from its systems. 

According to details shared by the company, the hackers accessed Conduent’s network on Oct. 21, 2024 but were only discovered and subsequently kicked off the network on Jan. 13, 2025.

Details from the Oregon state government show that more than 10.5 million people had their personal information stolen in the hack. 

According to HIPPAJournal.com, which provides information about medical services, the hack ranks eighth in the list of largest healthcare breaches in the world. 

Earlier this month, Conduent began notifying the people affected by the hack that their information had been obtained by malevolent actors. The company also sent notices to Attorneys General in several states informing them that they were preparing to send letters to thousands of people in their states. 

Over the nearly three months hackers were in the Conduent network, they were able to steal various files containing personal information from people who used the company’s services. Some of the information stolen included names, addresses, dates of birth, Social Security numbers, health insurance details and medical information. 

Conduent will not provide identity theft protection services to the millions of people affected by the hack. Instead, the letter they are providing to affected users encourages them to get a free credit report and put freezes on their credit. 

“Upon discovery of the incident, we safely restored our systems and operations and notified law enforcement,” the company wrote to affected users. “We are also notifying you in case you decide to take further steps to protect your information should you feel it appropriate to do so.”

Conduent said it was not aware of any of the data being used for fraud since the hack.