Conduent Breach Traced to Oct 2024 Intrusion, Impacts Multiple Customers
Conduent disclosed that a breach first detected in January 2025 traces back to an October 21, 2024 intrusion with access maintained until January 13, 2025. Impacted entities include state agencies and healthcare partners; Premera confirmed exposure tied to Conduent systems.
CORTEX Protocol Intelligence Assessment
Business Impact: Government and healthcare partners face regulatory exposure from PII/PHI compromise. Technical Context: Months-long persistence indicates credential abuse and delayed detection; IR support from Palo Alto Networks noted.
Strategic Intelligence Guidance
- Conduct third-party risk review and contract security addendums
- Notify impacted data subjects per applicable breach laws
- Hunt for credential misuse and long-term persistence artifacts
- Align with sector ISACs and regulators on disclosures
Vendors
Threats
Targets
Impact
Data Volume:Unknown
Financial:$25M (direct costs disclosed)
Intelligence Source: Conduent says data breach originally began with 2024 intrusion | Cybersecurity Dive | Oct 28, 2025