Conduent has revealed that a data breach initially discovered in January traces back to an intrusion that occurred on October 21, 2024. This information came to light following a forensic investigation spanning several months, as detailed in a recent filing with the Maine Attorney General’s office.
The unauthorized access by a third party remained undetected in Conduent’s systems until January 13 of this year. In Maine alone, 334 individuals were affected by the breach, although the company did not provide a total count of those impacted across all states, according to a spokesperson for the Maine AG.
In addition to its filing in Maine, Conduent also reported the incident to the California Attorney General’s office. The New Jersey-based contractor confirmed the breach after officials in Wisconsin reported delays in child support payments—an outage that had repercussions in at least four states.
In April, Conduent disclosed that many personal data records were compromised in the January attack, leading to significant nonrecurring expenses associated with the incident. In a May earnings report, the company stated it had incurred $25 million in direct costs related to its response to the breach. While Conduent has insurance coverage, investigations into the full impact of the breach are ongoing.
The company has been cooperating with law enforcement and enlisted the help of third-party forensic experts, particularly Palo Alto Networks, to manage the incident’s fallout. As a significant contractor for government services—including printing, payments, and back-end processing—Conduent’s operations affect numerous state agencies and organizations.
In a related matter, Premera Blue Cross, a health insurance provider based in Mountlake Terrace, Washington, confirmed its data had also been compromised due to the Conduent breach. The information potentially exposed includes names, Social Security numbers, dates of birth, treatment histories, and claim numbers, though Premera assured that its own systems were not directly affected and does not anticipate a significant financial impact from the incident.
Furthermore, the Wisconsin Child Support Trust Fund has indicated that the breach interfered with its ability to process child support payments earlier this year. Despite the challenges posed by this security incident, both Conduent and Premera are actively managing the repercussions while taking steps to reinforce their data security measures moving forward.