Conduent Data Breach Exposes Volvo Group Employees and Millions More

Massive Cybersecurity Incident

Conduent, a major provider of back‑office services, confirmed a data breach that has impacted Volvo Group employees and millions of individuals across the United States. The intrusion was first detected on January 13, 2025, but investigations revealed that attackers had been inside Conduent’s network since October 21, 2024.

What Data Was Compromised

Hackers accessed highly sensitive personal information, including:

• Names and addresses
• Social Security numbers (SSNs)
• Dates of birth
• Health insurance details
• Medical information

The Safepay ransomware group claimed responsibility for the attack in February 2025.

Impact on Volvo Group

Conduent provides printing, mailroom, document processing, and payment integrity services to Volvo Group. As a result, nearly 17,000 Volvo employees had their data exposed. Shockingly, Volvo only learned about the breach in January 2026, more than a year after Conduent’s detection.

Expanding Scope of the Breach

Originally, Conduent reported the breach affected around 10 million individuals. However, updated notifications to state attorneys general show the true scale is far larger:

• Texas: Numbers jumped from 4 million to 15 million affected.
• Oregon: Over 10 million residents impacted.

Not the First Breach for Volvo

This incident follows another third‑party breach in September 2025, when Swedish IT company Miljödata suffered a ransomware attack, forcing Volvo to notify employees once again.

Key Takeaways

• Third‑party risk is critical: Even if Volvo’s systems weren’t directly breached, reliance on vendors exposed employee data.
• Delayed notifications highlight transparency issues in breach reporting.
• Escalating numbers show how initial breach estimates often underestimate the true impact.