Major Ransomware Attack on Conduent Exposes 25 Million Records

On February 26, 2026, Conduent, a major business process services company, confirmed a ransomware attack that has now been revealed to have impacted over 25 million individuals, making it one of the largest data breaches in recent history. Initial estimates suggested that only 10 million were affected, but further investigation uncovered the extensive reach of the breach. This incident underscores the critical vulnerabilities present in third-party vendor security protocols, as attackers exploit weaker links in supply chains to access sensitive information. Security professionals should prioritize assessing their own vendor risk management strategies to mitigate similar threats in the future. The fallout from this breach could lead to increased regulatory scrutiny and demand for accountability among third-party providers. Organizations are urged to enhance their incident response plans and ensure robust data protection measures are in place to safeguard against evolving ransomware tactics. Source