A cyberattack earlier this year on Conduent, a major American business services provider and government contractor, resulted in the theft of customer data. In a recent filing with U.S. Securities and Exchange Commission (SEC) revealed that threat actors were able to exfiltrate a set of files containing sensitive information associated with a limited number of its clients. The breach, which occurred in January 2025, impacted operations across the U.S., including services provided to local government agencies.
SEC Filing Details
“As part of its ongoing investigation, the Company determined that the threat actor exfiltrated a set of files associated with a limited number of the Company’s clients,”the Conduent SEC filing states.
Conduent says it is still analyzing the full impact of the breach and is working with clients to ensure compliance with state and federal notification requirements. Affected customers are being informed as the investigation progresses.
SAFEPAY Ransomware Group May Be Linked to Incident
The company noted that, as of now, there is no evidence that the stolen data has been leaked or posted on the dark web. However, a ransomware group known as SAFEPAY in February listed 8.5 terabytes Conduent data.
If the SAFEPAY claim is indeed related to the January breach, it would suggest a much broader impact than initially disclosed. On the other hand, if unrelated, it could indicate that Conduent was targeted in two separate cyber attacks during the same month. However, the authenticity of the SAFEPAY claim cannot be verified.
Source:
1. www[.]sec[.]gov/Archives/edgar/data/1677703/000167770325000067/cndt-20250409.htm
2. hxxps[://]vxtwitter[.]com/DarkWebInformer/status/1892667528725328283
