A devastating cybersecurity incident at Conduent Business Services, LLC, a massive third-party contractor for government and healthcare services, has resulted in the compromise of sensitive personal and health information belonging to more than 10 million individuals nationwide. The breach has directly impacted over 48,000 residents of South Carolina, placing tens of thousands of local individuals at high risk for identity theft and financial fraud.
The Scale of Conduent’s Reach: A Critical Infrastructure Provider
The sheer number of people affected by this breach highlights the critical role Conduent plays in the nation’s infrastructure. Conduent is not a consumer-facing company; rather, it is one of the largest Business Process Outsourcing (BPO) providers for the U.S. public sector.
- Serving the Public: The company supports approximately 100 million residents through complex government health and welfare initiatives, including programs like Medicaid, child support services, and various forms of public assistance.
- Massive Volume: Conduent’s systems are responsible for enabling an estimated 2 billion customer service interactions and processing roughly $85 billion in government benefit payments and disbursements every year across dozens of state governments.
- The Exposure Risk: Because Conduent manages technology, payment systems, enrollment data, and customer support for mission-critical state services, it is entrusted with vast repositories of the most sensitive citizen data—from financial eligibility to medical records. The breach underscores the systemic risk posed when this much critical information is centralized with a single third-party vendor.
Timeline and Scope of the Incident
The intrusion, claimed by the SafePay ransomware group, was a long-running security failure. The timeline of the attack is as follows:
- Initial Access (October 21, 2024): An unauthorized third party gained access to a limited portion of Conduent’s network.
- Discovery (January 13, 2025): Conduent detected and secured its network, but the unauthorized access had persisted for nearly three months.
- Notification (October 2025): The company began sending official notification letters to affected individuals on behalf of its clients, a process that took months due to the intensive analysis required to determine exactly whose data was compromised.
What Personal Data Was Stolen?
The stolen files contained a range of highly sensitive Personally Identifiable Information (PII) and Protected Health Information (PHI). While the specific data varies by individual, the compromised information may include:
- Full Names and Home Addresses
- Dates of Birth
- Social Security Numbers (SSNs)
- Medical Information (e.g., treatment codes, diagnosis information)
- Health Insurance Details
The exposure of SSNs and medical records, in particular, creates a significant and long-term risk of identity theft and medical fraud for the 48,000+ South Carolina residents affected.
Immediate Steps for Affected South Carolina Residents
If you receive an official notification letter from Conduent, Dr. Tom strongly recommends taking immediate action to protect yourself, with the most effective measure being placing a Security Freeze on your credit files.
1. Place a Security Freeze (Credit Freeze)
A security freeze is the strongest protection available; it prevents credit reporting agencies from releasing your credit file to potential new creditors, making it extremely difficult for criminals to open new lines of credit in your name. Placing a freeze is free of charge. You must place the freeze separately with all three major credit reporting agencies. The fastest method is typically online or by phone.
| Credit Bureau | Online Freeze Link | Phone Number | Mailing Address (for written request) |
| Equifax | Equifax security freeze | 1-888-298-0045 | Equifax Information Services LLC P.O. Box 105788 Atlanta, GA 30348-5788 |
| Experian | Experian security freeze | 1-888-397-3742 | Experian Security Freeze P.O. Box 9554 Allen, TX 75013 |
| TransUnion | TransUnion credit freeze | 1-888-909-8872 | TransUnion P.O. Box 160 Woodlyn, PA 19094 |
Information Required to Place a Freeze: You will need to provide your full name, Social Security Number, date of birth, current address, and a list of all addresses used in the past five years. You may also be asked to provide copies of your government-issued ID and a proof of current address (like a utility bill) if submitting a request by mail.
Important Note: You must remember to temporarily lift or “thaw” the freeze if you need a new loan, credit card, mortgage, or service that requires a credit check.
2. Monitor Financial and Health Accounts
- Financials: Check bank and credit card statements frequently for any suspicious charges. Order your free credit reports from AnnualCreditReport.com.
- Medical: Review all “Explanation of Benefits” (EOB) statements from your health insurer. Look for billing or claims for services you did not receive.
3. File Reports
If you discover any fraudulent activity, file a report with the Federal Trade Commission (FTC) at IdentityTheft.gov and notify your local law enforcement.
Feeling lost in the digital world? Dr. Tom is here to help!
Join Dr. Tom every week in his column, Dr. Tom’s Cyber Bits and Tips, for byte-sized advice on all things cyber and tech. Whether you’re concerned about online safety, curious about the latest cybercrime trends, or simply want to navigate the ever-evolving digital landscape, Dr. Tom has you covered.
From practical cybersecurity tips to insightful breakdowns of current threats, Dr. Tom’s column empowers you to stay informed and protect yourself online. So, dive in and get savvy with the web – with Dr. Tom as your guide!
Sign up for our Sunday Spectator. Delivered to your inbox every Sunday, with all the news from the week.
