A Morris County company specializing in administrative services for businesses and government agencies is facing scrutiny following a significant data breach that has exposed the sensitive personal and medical information of millions. Conduent Business Services, located in Florham Park, revealed on its website that it became aware of unauthorized access to its network in January 2025.
The internal investigation indicated hackers accessed Conduent’s network from October 21, 2024, to January 13, 2025, obtaining files that potentially contain critical personal information, including names, addresses, social security numbers, dates of birth, medical data, and health insurance details. Despite the breach, Conduent assured that, so far, there is no evidence suggesting that the compromised data has been misused or made public.
While the exact number of individuals affected remains unclear, a disclosure to the United States Securities and Exchange Commission suggested the scale of the breach is substantial. Reports from various state agencies indicate that as many as 10.5 million individuals nationally may have been impacted, with nearly 11,000 reported in New Hampshire and 4 million in Texas alone. It’s not yet known whether residents of New Jersey have been affected.
Conduent, which operates as a spin-off of Xerox, provides various services, including mailroom and payment solutions, to nearly half of the Fortune 100 companies and more than 600 governmental and transportation agencies. Notable clients include Humana and the Blue Cross Blue Shield affiliates across several states. Following the breach, Texas Attorney General Ken Paxton announced that his office is investigating the incident, labeling it potentially the largest data breach in U.S. history. He emphasized the importance of accountability for entities that may have contributed to this lapse in security.
In light of the ongoing investigations, Conduent has expressed its commitment to cooperating with regulators, stating that it will provide necessary information to assist in the inquiry. Additionally, a class action lawsuit has been filed in New Jersey federal court against the company, alleging negligence in implementing basic cybersecurity measures.
Despite the challenging circumstances, Conduent is actively working to address the situation and ensure it adheres to necessary standards while enhancing its cybersecurity protocols to prevent future incidents. The company emphasizes its proactive stance in managing the breach and its willingness to engage with both customers and regulators in restoring trust.