HACKED: 26 Million SSNs Stolen

Red text saying Data Hack — CRITICAL DATA STOLEN

A ransomware attack on a major government contractor has exposed the personal information of at least 25.9 million Americans, including Social Security numbers and medical records, in what experts are calling the largest government technology breach in U.S. history.

Story Snapshot

Conduent, a government contractor serving 100+ million Americans, suffered a ransomware attack, exposing 25.9 million people’s sensitive data, including Social Security numbers, medical records, and health insurance details
The SafePay ransomware group claims to have stolen 8 terabytes of data in an attack that began in October 2024 but wasn’t fully disclosed until 2026, with notifications still ongoing
Texas and Oregon account for the majority of victims, with 15.4 million and 10.5 million affected, respectively, though Oregon’s figure exceeds the state’s total population
Conduent has provided no evidence of data misuse yet, but the breach raises serious concerns about cybersecurity vulnerabilities in government contractors handling Americans’ most sensitive information

Government Contractor’s Massive Security Failure

Conduent Inc., a technology contractor processing data for federal agencies and state governments, fell victim to a devastating ransomware attack that compromised the personal information of 25.9 million Americans. The company, which spun off from Xerox in 2017, manages medical billing, toll processing, and prepaid card services for government programs serving over 100 million citizens.

The breach exposed names, Social Security numbers, medical records, and health insurance information. This represents a catastrophic failure in protecting Americans’ most sensitive data, entrusted to a private contractor by government entities at every level.

Conduent data breach exposed 25 million Americans – including half of Texas https://t.co/aW2sX6icLy pic.twitter.com/6haEhlplco

— New York Post (@nypost) February 9, 2026

Timeline of Delayed Disclosure Raises Questions

The attack timeline reveals troubling delays in transparency. The SafePay ransomware group initially infiltrated Conduent’s systems in October 2024, remaining undetected while extracting data. Operations disruptions occurred in January 2025, yet public disclosure didn’t happen until April 2025. Initial estimates cited 10 million affected individuals, including 4 million Texans.

By September 2025, SEC filings confirmed that stolen datasets contained significant personal information. Only in February 2026 did the true scope emerge, with victim counts nearly tripling to 25.9 million. Conduent spokesman Sean Collins stated notifications would continue through April 15, 2026, but declined to confirm whether the total could reach 100 million, as some reports suggest.

State-by-State Impact Reveals Discrepancies

Texas bears the heaviest burden with 15.4 million victims, representing nearly half the state’s population. Oregon reported 10.5 million affected residents, a figure exceeding the state’s actual population of 4.9 million and raising serious verification concerns. Delaware, Massachusetts, New Hampshire, Indiana, Maine, and Vermont each reported hundreds of thousands of victims receiving notifications.

The discrepancies between reported victim counts and actual state populations suggest either data processing errors or that the breach affected individuals across multiple state systems. State attorneys general are enforcing disclosure requirements, but questions remain about the accuracy of Conduent’s victim identification process.

Ransomware Group Claims 8 Terabytes Stolen

The SafePay ransomware group publicly claimed responsibility, boasting they extracted 8 terabytes of data from Conduent’s systems. This massive data haul potentially includes complete medical histories, financial information, and Social Security numbers that could fuel identity theft and insurance fraud for years.

Conduent maintains no evidence exists of data misuse, but cybersecurity experts warn that stolen information often surfaces on dark web marketplaces months or years after breaches. The company established a call center for victims and offered free credit monitoring services, standard responses that provide minimal protection against sophisticated identity theft schemes enabled by comprehensive personal data exposure.

Data breach exposes personal data of 25M Americans

SafePay ransomware group claims to have stolen 8 terabytes of data containing personal informationhttps://t.co/wCY0tvD5oS

— The Big Bad Conservative Wolf (@RightWingNest) February 10, 2026

Pattern of Government Contractor Vulnerabilities

This breach continues an alarming trend of cyberattacks targeting government contractors handling critical infrastructure and personal data. Following the 2021 Colonial Pipeline ransomware attack and 2024 Change Healthcare incident affecting millions, the Conduent breach demonstrates persistent vulnerabilities in systems processing Americans’ most sensitive information.

The year 2025 set records for U.S. data breaches, increasing 4% over 2024 levels according to federal health data tracking. These contractors operate with access to comprehensive government databases yet apparently lack adequate cybersecurity measures to protect against increasingly sophisticated ransomware groups.

The reliance on private contractors for essential government data processing creates systemic risks that government oversight has failed to address effectively, leaving citizens’ privacy and security in jeopardy through no fault of their own.