Volvo Group says 16,991 employees affected as Conduent data breach grows to 25 million people

A massive data breach at Conduent, a U.S.-based business services provider, has exposed the personal information of at least 25 million people, including 16,991 employees of Volvo Group North America, as the scope of the incident continues to expand across multiple states.

Conduent detected an intrusion into its network on Jan. 13, 2025, following a cyberattack that disrupted services for government agencies in several states. Subsequent investigation determined that unauthorized actors had access to the company’s systems from Oct. 21, 2024, through Jan. 13, 2025.

The attackers obtained personal data including names, addresses, Social Security numbers, dates of birth, and, in some cases, health insurance and medical information. Conduent has notified affected individuals and is offering free identity protection services. The company has stated it is not aware of any attempted or actual misuse of the information.

The Safepay ransomware group claimed responsibility for the attack in February 2025.

Conduent, which provides printing, mailroom, document processing, payment integrity and other back-office services to government and commercial clients, confirmed in November 2025 that the January breach exposed the personal data of more than 10 million individuals. Updated disclosures filed with state attorneys general now indicate the total number of affected individuals exceeds 25 million.

In Texas, the number of impacted residents has risen from an earlier estimate of 4 million to 15 million. In Oregon, more than 10 million individuals are now identified as affected.

Among the corporate clients impacted is Volvo Group North America, the regional division of the global truck, bus and industrial equipment manufacturer Volvo Group. Conduent provides third-party printing, mailroom, document processing and payment integrity services on behalf of Volvo.

In filings with the Maine Attorney General’s Office, Volvo reported that 16,991 employees were affected by the breach. The company indicated it became aware of the incident in January 2026, months after the intrusion occurred.

In notification letters sent to impacted individuals on behalf of Volvo, Conduent stated that the personal information involved came into its possession through services provided to current or former health plans. The company informed recipients about the nature of the incident and steps they could take to protect themselves.

Earlier breach notifications submitted by Conduent to state attorneys general in October 2025 suggested the incident affected roughly 10 million individuals. Recent updates reflect a significantly larger impact. As of October, Conduent reported to Maine officials that 374 state residents were affected, but did not disclose the overall total number of individuals at that time.

The January cyberattack also caused service outages for agencies in Wisconsin and Oklahoma, affecting payments and customer support operations.