Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Conduent January 2025 breach impacts 10M+ people

Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of over 10M people, including names, addresses, DOBs, SSNs, and health and insurance info. In April 2025, the business services provider Conduent revealed that personal information, including […]

Xsolis

Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info.

Conduent January 2025 breach exposed the personal data of over 10M people, including names, addresses, DOBs, SSNs, and health and insurance info.

In April 2025, the business services provider Conduent revealed that personal information, including names and Social Security numbers, was stolen in a January cyberattack.

In January, the company announced that cyberattack caused service disruptions after agencies in multiple US states reported outages. Wisconsin and Oklahoma noted impacts on payments and customer support.

In a new FORM-8K filing with the SEC, the company announced that it had restored operations quickly after a cyberattack, but confirmed that attackers stole files containing personal data from some clients’ end-users.

Conduent reported no major operational impact from the cyberattack but did face significant one-time costs for notifications. The company holds cyber insurance and informed federal authorities.

Conduent disclosed that hackers accessed its network from October 21, 2024, to January 13, 2025, stealing personal data of users, including SSNs, DOBs, addresses, and health info. The company notified affected individuals and is offering free identity protection.

“On January 13, 2025, we discovered that we were the victim of a cyber incident that impacted a limited portion of our network. We immediately secured our networks and initiated an investigation with the assistance of thirdparty forensic experts. Our investigation determined that an unauthorized third party had access to our environment from October 21, 2024, to January 13, 2025, and obtained some files associated with <Client Name>.” reads the data breach notification sent to the impacted individuals. “Given the nature and complexity of the data involved, Conduent has been working diligently with a dedicated review team, including internal and external experts, to conduct a detailed analysis of the affected filesto identify the personal information contained therein.”

The company recommends impacted individuals to monitor credit, place fraud alerts, and consider security freezes.

“Upon discovery of the incident, we safely restored our systems and operations and notified law enforcement. We are also notifying you in case you decide to take further steps to protect your information should you feel it appropriate to do so.” states the report.

According to the Oregon Department of Justice, the Conduent breach affected 10,515,849 people.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)