A major data breach at business services provider Conduent has exposed personal information of nearly 17,000 Volvo Group North America employees. Hackers accessed Conduent's network from October 2024 to January 2025, stealing names, addresses, Social Security numbers, birth dates, and medical data. The Safepay ransomware group claimed responsibility for the February attack.
The breach's scope keeps expanding dramatically. Initially affecting 10 million people, recent updates show over 20 million individuals impacted across multiple states. Texas alone saw numbers jump from 4 million to 15 million affected residents.
Volvo only learned about the incident in January 2026, highlighting delays in breach notifications. This marks the second third-party breach hitting Volvo recently, following a September ransomware attack on Swedish IT company Miljödata.
Source: SecurityWeek