Page last updated on April 14, 2025
CONDUENT Inc initially disclosed a cybersecurity incident in an SEC 8-K filing on 2025-04-14 16:14:06 EDT.
Company Summary
Conduent Inc. is a business process services company providing digital platforms and solutions to commercial and government clients, with a focus on automation, analytics, and mission-critical operations. As of 2023, the company employs approximately 58,600 people.
Incident Details
Material: Unknown
Is Breach: TRUE
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)
Compromised Date: 2025-01-13
Detected Date: 2025-01-13
Disclosure Date: 2025-04-14
Contained Date:
Recovered Date:
Attack Goal: Unknown
Costs: No Costs Tracked (yet)
Filings
8-K filed on 2025-04-14
CONDUENT Inc filed an 8-K at 2025-04-14 16:14:06 EDT
Accession Number: 0001677703-25-000067
Item 1.05 Material Cybersecurity Incidents.
On January 13, 2025, Conduent Incorporated (the “Company”) experienced an operational disruption and learned that a ’threat actor’ gained unauthorized access to a limited portion of the Company’s environment. Upon detection, the Company activated its cybersecurity response plan with the help of external cybersecurity experts to contain, assess, and remediate the incident. The Company restored the affected systems and returned to normal operations within days, and in some cases, hours. The disruption did not have a material impact to the Company’s operations.
As part of its ongoing investigation, the Company determined that the threat actor exfiltrated a set of files associated with a limited number of the Company’s clients. Due to the complexity of the files, the Company engaged cybersecurity data mining experts to evaluate the exfiltrated data and was recently informed of its nature, scope and validity, confirming that the data sets contained a significant number of individuals’ personal information associated with our clients’ end-users. The Company is continuing to further analyze and document the precise and detailed impact of the data exfiltrated, and clients are being informed as appropriate in order to determine next steps as required by federal and state law. To the Company’s knowledge, the exfiltrated data has not been released on the dark web or otherwise publicly.
While the Company did not experience material impacts to its operating environment or costs from the event itself, the Company has incurred and accrued material non-recurring expenses in the first quarter related to the event based on potential notification requirements. The Company maintains a cyber insurance policy and has also notified federal law enforcement authorities of the incident.
Company Information
| Name | CONDUENT Inc |
| CIK | 0001677703 |
| SIC Description | Services-Business Services, NEC |
| Ticker | CNDT - Nasdaq |
| Website | |
| Category | Accelerated filer |
| Fiscal Year End | December 30 |