Delaware North Discloses Data Breach Impacting 132 Maine Residents Delaware North, a Buffalo, New York-based hospitality and food service company, recently reported a data breach that exposed the personal information of consumers. On January 27, 2026, an unauthorized actor accessed an employee’s Microsoft account and copied sensitive files. The company detected the suspicious activity the next day, January 28, 2026, and launched an investigation. After months of analysis, Delaware North confirmed on May 28, 2026, that the compromised files contained personal data, including names, driver’s license numbers, and state-issued identification numbers. The breach has affected 132 Maine residents, with notifications sent to impacted individuals starting June 5, 2026. In response, Delaware North is providing one year of complimentary credit monitoring and identity theft protection through Kroll, including triple-bureau credit monitoring and fraud consultation. Affected individuals must activate the service by a specified deadline using a unique membership number from their notification letter. The company has also established a toll-free call center (844-959-7082) for inquiries, available weekdays from 9:00 a.m. to 6:30 p.m. Eastern Time.

Massive Conduent Data Breach Exposes Tens of Millions Across U.S. States A cyberattack on government technology contractor Conduent has resulted in a far larger data breach than initially reported, potentially affecting tens of millions of Americans. The incident, first disclosed in April 2024, occurred after hackers disrupted the company’s systems, causing widespread outages in government services. Newly released data reveals that 15.4 million people in Texas nearly half the state’s population had their personal information compromised, a sharp increase from the 4 million initially reported in October. In Oregon, 10.5 million individuals were affected, while hundreds of thousands more in Delaware, Massachusetts, New Hampshire, and other states also had their data exposed. The stolen information includes names, Social Security numbers, medical records, and health insurance details. Conduent, a major provider of government and corporate technology services, processes sensitive data for over 100 million people through healthcare programs and other public-sector contracts. Despite the scale of the breach, the company has not confirmed the total number of affected individuals or whether the incident impacted more than 100 million people. A spokesperson declined to answer key questions, including how many breach notifications have been sent. The Safeway ransomware group claimed responsibility for the attack, asserting it exfiltrated over 8 terabytes of data. In an SEC filing, Conduent acknowledged that the stolen datasets contained personal information of end users but did not provide a clear timeline for completing notifications, stating only that the process would continue into early 2026. The full extent of the breach and its long-term impact remain unclear.

The Conduent data breach, attributed to the SafePay ransomware group, compromised the sensitive personal and financial data of over 10.5 million individuals across multiple U.S. states. The incident exposed vulnerabilities in Conduent’s cybersecurity framework, leading to severe reputational damage, investor distrust, and a 36% stock decline over the past year. The breach’s financial and operational fallout includes potential legal penalties from regulatory bodies (e.g., FTC), class-action lawsuits from affected individuals, and long-term erosion of client confidence. The exposed data—likely including identities and financial records—heightens risks of identity theft, fraud, and financial exploitation. Market volatility, evidenced by a daily stock drop of 0.216%, reflects immediate financial repercussions, while upcoming earnings reports (November 7, 2025) may further clarify the breach’s economic toll. The incident underscores systemic failures in data protection, demanding urgent reforms to mitigate future threats and restore stakeholder trust.

Massive Conduent Data Breach Exposes Personal Data of Over 25 Million Americans A January 2025 ransomware attack on government technology contractor Conduent has compromised the personal data of at least 25.9 million individuals across the U.S., far exceeding initial estimates. The breach, which disrupted the company’s operations for days, has now been confirmed to impact 15.4 million people in Texas nearly half the state’s population up from the 4 million initially reported in October. An additional 10.5 million Oregonians are affected, along with hundreds of thousands in Delaware, Massachusetts, New Hampshire, and other states. The stolen data includes names, Social Security numbers, medical records, and health insurance information, exposing victims to potential identity theft and fraud. Conduent, a major government contractor serving over 100 million Americans through healthcare and administrative programs, has provided limited details about the incident. The company disclosed the attack in April 2025, months after hackers infiltrated its systems, causing outages in government services nationwide. The Safeway ransomware gang claimed responsibility, alleging they exfiltrated 8 terabytes of data. In an SEC filing, Conduent acknowledged the breach involved "a significant number of individuals’ personal information" tied to its corporate and government clients. While the company is still analyzing the scope of the breach, it expects to complete notifications to affected individuals by early 2026, though no precise timeline has been provided. Conduent has not confirmed whether the breach affects more than 100 million people, despite its vast user base. The company has yet to disclose how many breach notifications it has sent or provide further details on the attack’s origins. The incident underscores the growing risk of ransomware targeting critical infrastructure and third-party vendors handling sensitive data.