Massive Ransomware Attack on Conduent Exposes Data of Tens of Millions Across Multiple States
A sprawling ransomware attack on Conduent, a major government technology contractor, has compromised the personal information of tens of millions of Americans across several states, officials confirmed on February 22, 2026. What was initially reported as a limited breach has now escalated into one of the largest data exposures in recent memory, with Texas and Oregon among the hardest hit.
The cyberattack, which occurred in January 2025 and was claimed by the Safeway ransomware gang, resulted in the theft of over 8 terabytes of sensitive data. Conduent first disclosed the breach publicly in April 2025 after hackers disrupted its systems and caused widespread outages in government services nationwide. Initial estimates suggested that about 4 million Texans were affected, but recent investigations have raised that figure to approximately 15.4 million — nearly half the state’s population. Oregon’s attorney general reported that 10.5 million residents had their data exposed, with additional notifications sent to hundreds of thousands in Delaware, Massachusetts, New Hampshire, and other states.
The stolen data reportedly includes names, Social Security numbers, medical records, and other health-related information, raising significant concerns about identity theft and privacy violations for those dependent on state healthcare programs and government services. The breach has prompted urgent warnings from cybersecurity experts and government officials alike.
“This incident underscores the critical need for robust cybersecurity measures within government contractors who manage sensitive citizen data,” said a spokesperson from the Cybersecurity and Infrastructure Security Agency. The agency is actively collaborating with state authorities and federal partners to assess the full scope of the breach and mitigate further risks.
Conduent, which provides technology solutions to various government agencies, has been working closely with the FBI and the Federal Bureau of Investigation’s Cyber Division to investigate the attack and identify the perpetrators. The FBI has classified the Safeway ransomware gang as a significant threat actor in recent years, known for targeting critical infrastructure and government entities.
State officials in Texas have urged residents to remain vigilant and monitor their financial and medical records for suspicious activity. The Texas Attorney General’s Office has set up a dedicated hotline and website to assist affected individuals with identity theft protection services and credit monitoring.
Similarly, Oregon’s Department of Justice has issued guidance on steps residents can take to protect themselves, including placing fraud alerts on credit files and regularly reviewing health insurance statements.
The breach has reignited debates over cybersecurity standards for government contractors and the need for enhanced transparency and rapid disclosure protocols. Experts warn that the long-term consequences could be severe, with stolen health data often being more valuable and harder to protect than financial information.
As investigations continue, affected individuals are encouraged to stay informed through official channels and exercise caution when receiving unsolicited communications that may attempt to exploit the breach.
For more information on protecting personal information after a data breach, the Federal Trade Commission offers comprehensive resources and recovery plans.
The Conduent breach serves as a stark reminder of the vulnerabilities in the digital infrastructure supporting essential government services and the critical importance of cybersecurity vigilance in the modern era.
Leave a Reply