Between October 2024 and January 2025, hackers from the SafePay ransomware group had nearly three months of undetected access to systems operated by Conduent, a business process services company that handles government benefit payments for millions of Americans. The result is one of the largest data breaches in U.S. history: 8.5 terabytes of stolen data, over 62 million individuals potentially affected, and some of the most sensitive personal information imaginable — Social Security numbers, medical records, and health insurance details — now in the hands of criminals. Here is what happened and what you need to do right now.
What Happened in the Conduent Breach
Conduent is not a household name, but its systems touch the daily lives of tens of millions of Americans. The company processes payments and manages data for government programs including Medicaid, SNAP (food assistance), child support disbursements, and other state-administered benefits. If you have received government benefits in states that contract with Conduent, your data was likely in their systems.
The SafePay ransomware group gained access to Conduent's network on October 21, 2024. They maintained that access for nearly three months, until January 13, 2025, exfiltrating 8.5 terabytes of data before being detected. The scale of the theft is staggering — by comparison, 8.5 terabytes is roughly equivalent to the text content of every book ever published, multiple times over.
How Many People Were Affected?
The latest figures put the total number of affected individuals at over 62 million, making this one of the largest data breaches in American history. Texas alone accounts for 15.4 million affected residents. Oregon has reported 10.5 million. Other states are still calculating their totals as the investigation continues.
Texas Attorney General Ken Paxton demanded information from both Conduent and Blue Cross Blue Shield of Texas about the scope of the breach and the adequacy of their data security practices.
Notification Letters Are Still Being Sent
Conduent began sending notification letters in October 2025, and the company has indicated that the process will not be complete until April 15, 2026. If you have not received a letter, that does not necessarily mean you are unaffected. Many individuals may not receive notifications at all if Conduent does not have current mailing addresses on file, particularly for people who have moved since they last received government benefits.
What Data Was Exposed
The data stolen in the Conduent breach includes some of the most sensitive categories of personal information:
- Full names
- Social Security numbers
- Dates of birth
- Medical records and treatment information
- Health insurance details
This combination is particularly dangerous. A Social Security number paired with a date of birth and medical history gives criminals everything they need for identity theft, medical identity fraud, and insurance fraud. Unlike a stolen credit card number, which can be replaced in minutes, a compromised Social Security number creates risk that persists for years.
Skip the manual opt-outs
One opt-out won't stop them — brokers relist your data. PrivacyOn removes your info from 100+ sites and keeps it removed.
Start your free scanSteps to Take Right Now
1. Check Whether You Received a Notification Letter
Search your mail — including junk mail — for any correspondence from Conduent. The letters typically describe what information was compromised and may include offers for free credit monitoring. If you have received government benefits through Medicaid, SNAP, child support, or other state programs, assume your data may be at risk even if you have not received a letter yet.
2. Freeze Your Credit Immediately
A credit freeze is the single most effective step you can take. It prevents anyone from opening new credit accounts in your name, even if they have your Social Security number and date of birth. Freeze your credit at all three major bureaus:
- Equifax: equifax.com or (888) 298-0045
- Experian: experian.com or (888) 397-3742
- TransUnion: transunion.com or (800) 916-8800
Freezing is free and does not affect your credit score. Also consider freezing at Innovis, ChexSystems, and the National Consumer Telecom & Utilities Exchange (NCTUE) for more comprehensive protection.
3. Monitor the Dark Web for Your Information
With 8.5 terabytes of stolen data, it is likely that at least some of this information will end up on dark web marketplaces. Monitor whether your Social Security number, email addresses, or other personal details have surfaced. Services like PrivacyOn include dark web monitoring that alerts you when your information is detected in breach databases and criminal forums.
4. Place a Fraud Alert
If you believe your information was compromised, place a fraud alert with any one of the three major credit bureaus — they are required to notify the other two. An initial fraud alert lasts one year and requires creditors to take extra steps to verify your identity before opening new accounts. Victims of identity theft can place an extended fraud alert lasting seven years.
5. File a Report With the FTC
Report the breach to the Federal Trade Commission at IdentityTheft.gov. The FTC will create a personalized recovery plan and provide documentation you may need if you become a victim of identity theft. This step is especially important because it establishes a record that can help you dispute fraudulent accounts later.
6. Watch for Medical Identity Fraud
Because the Conduent breach included medical records and health insurance information, you are at elevated risk for medical identity fraud. This occurs when someone uses your insurance details to receive medical care or fill prescriptions in your name. Signs to watch for include:
- Explanation of Benefits (EOB) statements for services you did not receive
- Bills from healthcare providers you have never visited
- Incorrect information in your medical records
- Unexpected denials of insurance coverage due to conditions or treatments that are not yours
Request your medical records from your insurance provider and review them for inaccuracies. If you find errors, report them to your insurer and file a complaint with the Department of Health and Human Services.
7. Remove Your Personal Information From Data Broker Sites
Criminals who obtain your data from breaches often cross-reference it with publicly available information on data broker sites to build more complete profiles. Your name, address, phone number, relatives, and other details are freely available on people-search websites, and this data makes breached information far more actionable for fraud.
PrivacyOn removes your personal information from over 100 data broker sites and continuously monitors for re-listings. By reducing the amount of personal data available about you online, you limit what criminals can combine with your breached data from Conduent.
Consider Identity Theft Protection
Given the severity of this breach — Social Security numbers, medical records, and dates of birth for over 62 million people — identity theft protection is a reasonable investment. Look for a service that includes credit monitoring at all three bureaus, dark web monitoring, identity restoration assistance, and insurance coverage for fraud-related losses. Check whether Conduent's notification letter offers free monitoring before purchasing separately.
The Bigger Picture
The Conduent breach underscores a troubling reality: companies that handle the most sensitive data for the most vulnerable populations are not always the most diligent about protecting it. Government contractors process data for people who often have no choice about whether their information is shared — you cannot opt out of providing your Social Security number to receive Medicaid benefits.
That makes proactive protection essential. Freeze your credit, monitor your accounts, remove your data from broker sites, and stay alert for signs of fraud. The damage from a breach of this magnitude unfolds over years, not weeks. Taking action now can prevent the worst outcomes.
If you have not already done so, start a free scan with PrivacyOn to see what personal information about you is currently exposed on data broker sites — and begin removing it before criminals can use it against you.