Conduent, a government contractor that “supports 100 million U.S. residents across various government health programs”, confirmed recent outages experienced by multiple states last week were due to a cyberattack that compromised the company’s operating systems.
A Conduent spokesperson told Recorded Future News that the company’s operating systems experienced an operational disruption due to a third-party compromise” and the “recovery caused several days of disruption to many of our operations.”
Conduent has numerous contracts with state governments providing technology solutions for health programs including, but not limited to Medicaid, Child support, Food assistance.
Evidence of the outage emerged last week when the Wisconsin Department of Children and Families reported to residents that Conduent was experiencing a system outage.
“This outage is impacting payees who receive their payments via electronic transfer or an EBT card from receiving their scheduled support payment. Payors support payments, including via income withholding, are still being received and will be processed once the system is operational,” Wisconsin officials said.
Wisconsin officials also said four unnamed states were impacted by the outages. The systems were restored on Sunday.
In June 2020, Conduent confirmed a ransomware attack after several days of service interruption.
Emily Phelps, Director, Cyware had this to say:
“Organizations must focus on robust threat intelligence management, which enables the timely sharing of actionable insights across networks and between partners. Through effective intel sharing, businesses and government entities can strengthen collective defense, ensuring faster response times and minimizing the impact of such disruptions. It’s a reminder that cybersecurity is no longer just about protecting internal systems—it’s about securing the broader ecosystem and fostering collaboration to safeguard public services and infrastructure. The ability to detect, respond, and recover from cyber incidents quickly is essential in maintaining trust and continuity.”
The fact that this organization has been pwned twice suggests that they didn’t learn the lessons of their first go round of being pwned. I hope they are paying attention to this incident as having this happen a third time would be completely unacceptable.
Related
This entry was posted on January 22, 2025 at 1:36 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Government health IT contractor Conduent confirms ‘third-party compromise’ after outages
Conduent, a government contractor that “supports 100 million U.S. residents across various government health programs”, confirmed recent outages experienced by multiple states last week were due to a cyberattack that compromised the company’s operating systems.
A Conduent spokesperson told Recorded Future News that the company’s operating systems experienced an operational disruption due to a third-party compromise” and the “recovery caused several days of disruption to many of our operations.”
Conduent has numerous contracts with state governments providing technology solutions for health programs including, but not limited to Medicaid, Child support, Food assistance.
Evidence of the outage emerged last week when the Wisconsin Department of Children and Families reported to residents that Conduent was experiencing a system outage.
“This outage is impacting payees who receive their payments via electronic transfer or an EBT card from receiving their scheduled support payment. Payors support payments, including via income withholding, are still being received and will be processed once the system is operational,” Wisconsin officials said.
Wisconsin officials also said four unnamed states were impacted by the outages. The systems were restored on Sunday.
In June 2020, Conduent confirmed a ransomware attack after several days of service interruption.
Emily Phelps, Director, Cyware had this to say:
“Organizations must focus on robust threat intelligence management, which enables the timely sharing of actionable insights across networks and between partners. Through effective intel sharing, businesses and government entities can strengthen collective defense, ensuring faster response times and minimizing the impact of such disruptions. It’s a reminder that cybersecurity is no longer just about protecting internal systems—it’s about securing the broader ecosystem and fostering collaboration to safeguard public services and infrastructure. The ability to detect, respond, and recover from cyber incidents quickly is essential in maintaining trust and continuity.”
The fact that this organization has been pwned twice suggests that they didn’t learn the lessons of their first go round of being pwned. I hope they are paying attention to this incident as having this happen a third time would be completely unacceptable.
Share this:
Like this:
Related
This entry was posted on January 22, 2025 at 1:36 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.