Reporting indicates the SafePay ransomware group exfiltrated terabytes of data from Conduent, with impacted person estimates later revised to roughly 10–25+ million U.S. residents. The exposed information includes names, Social Security numbers and health/insurance records, creating significant downstream identity‑fraud and scam risks.

Security reporting and vendor trackers show a long‑running intrusion attributed to the SafePay ransomware group resulted in massive data exfiltration from Conduent, first discovered in January 2025 and continuing in fallout through 2026. Conduent has revised impacted‑person estimates upward into the tens of millions, with public reports citing roughly 10–25+ million U.S. residents whose records—including names, Social Security numbers, and health and insurance data—were taken. The scale and sensitivity of the leak have immediate implications for identity theft, targeted phishing, account takeover and social‑engineering scams that monetize personal data. Regulators and state attorneys general have opened inquiries, plaintiffs have filed litigation, and affected entities face notification and remediation obligations. Security vendors warn that terabyte‑scale dumps seed both low‑effort mass scams and higher‑value targeted fraud, and that monetization often appears months after the breach as data is aggregated and traded. Consumers are advised to monitor credit, enable identity alerts, and report suspicious financial activity promptly to reduce long‑term harm.