THR A.I CyberSecurity Scoring
THR
Company Information
Website:https://jobs.texashealth.org/
Employees number:16,844
Number of followers:117,739
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:texashealth.org
THR Risk Score (AI oriented)
Between 0 and 549
THRHospitals and Health Care
Updated:
10/07/2026
10/07/2026
529/1000
Critical
C
THR Global Score (TPRM)
xxxx
THRHospitals and Health Care
Score locked

THRCritical
Current Score
529C (CRITICAL)
01000
4 incidents
-144 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
529
JUNE 2026
526
MAY 2026
517
APRIL 2026
512
MARCH 2026
506
FEBRUARY 2026
637
Ransomware
05 Feb 2026 • THR
Conduent, Delaware and Texas: Massive Data Breach at Conduent Exposes Millions Across US States
Massive Conduent Data Breach Exposes Tens of Millions Across U.S. States
493
CRITICAL-144
CONTEXDEL1770338879
Massive Conduent Data Breach Exposes Tens of Millions Across U.S. States
A cyberattack on government technology contractor Conduent has resulted in a far larger data breach than initially reported, potentially affecting tens of millions of Americans. The incident, first disclosed in April 2024, occurred after hackers disrupted the company’s systems, causing widespread outages in government services.
Newly released data reveals that 15.4 million people in Texas nearly half the state’s population had their personal information compromised, a sharp increase from the 4 million initially reported in October. In Oregon, 10.5 million individuals were affected, while hundreds of thousands more in Delaware, Massachusetts, New Hampshire, and other states also had their data exposed. The stolen information includes names, Social Security numbers, medical records, and health insurance details.
Conduent, a major provider of government and corporate technology services, processes sensitive data for over 100 million people through healthcare programs and other public-sector contracts. Despite the scale of the breach, the company has not confirmed the total number of affected individuals or whether the incident impacted more than 100 million people. A spokesperson declined to answer key questions, including how many breach notifications have been sent.
The Safeway ransomware group claimed responsibility for the attack, asserting it exfiltrated over 8 terabytes of data. In an SEC filing, Conduent acknowledged that the stolen datasets contained personal information of end users but did not provide a clear timeline for completing notifications, stating only that the process would continue into early 2026. The full extent of the breach and its long-term impact remain unclear.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
637
DECEMBER 2025
633
NOVEMBER 2025
630
OCTOBER 2025
626
SEPTEMBER 2025
622
AUGUST 2025
619
JANUARY 2025
724
Ransomware
01 Jan 2025 • THR
Conduent: Data breach at govtech giant Conduent balloons, affecting millions more Americans
Massive Conduent Data Breach Exposes Personal Data of Over 25 Million Americans
584
CRITICAL-140
CON1770309774
Massive Conduent Data Breach Exposes Personal Data of Over 25 Million Americans
A January 2025 ransomware attack on government technology contractor Conduent has compromised the personal data of at least 25.9 million individuals across the U.S., far exceeding initial estimates. The breach, which disrupted the company’s operations for days, has now been confirmed to impact 15.4 million people in Texas nearly half the state’s population up from the 4 million initially reported in October. An additional 10.5 million Oregonians are affected, along with hundreds of thousands in Delaware, Massachusetts, New Hampshire, and other states.
The stolen data includes names, Social Security numbers, medical records, and health insurance information, exposing victims to potential identity theft and fraud. Conduent, a major government contractor serving over 100 million Americans through healthcare and administrative programs, has provided limited details about the incident. The company disclosed the attack in April 2025, months after hackers infiltrated its systems, causing outages in government services nationwide.
The Safeway ransomware gang claimed responsibility, alleging they exfiltrated 8 terabytes of data. In an SEC filing, Conduent acknowledged the breach involved "a significant number of individuals’ personal information" tied to its corporate and government clients. While the company is still analyzing the scope of the breach, it expects to complete notifications to affected individuals by early 2026, though no precise timeline has been provided.
Conduent has not confirmed whether the breach affects more than 100 million people, despite its vast user base. The company has yet to disclose how many breach notifications it has sent or provide further details on the attack’s origins. The incident underscores the growing risk of ransomware targeting critical infrastructure and third-party vendors handling sensitive data.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2019
737
Ransomware
01 Nov 2019 • THR
Texas school: Ryuk ransomware member pleads guilty in the US, faces 15 years in prison
Armenian Hacker Pleads Guilty to Ryuk Ransomware Attacks on U.S. Organizations
597
CRITICAL-140
TEX1783708025
Armenian Hacker Pleads Guilty to Ryuk Ransomware Attacks on U.S. Organizations
A 34-year-old Armenian national, Karen Serobovich Vardanyan, has pleaded guilty to hacking U.S. companies and deploying Ryuk ransomware, a notorious strain that disrupted organizations across multiple sectors. Vardanyan was extradited to the U.S. after his arrest in Kyiv in April 2025, where he had been providing initial access to corporate networks.
Between November 2019 and April 2020, Vardanyan and his co-conspirators breached the systems of several U.S. entities, including a Michigan-based company that paid 200 BTC (over $1.1 million at the time), a technology firm in Wilsonville, Oregon, and a Texas school. According to the U.S. Department of Justice (DoJ), the group encrypted hundreds of servers and workstations, extorting approximately 1,610 bitcoins valued at around $15 million at the time of the attacks.
Ryuk ransomware, active from 2018 to mid-2020, targeted organizations in nearly every industry, including healthcare providers during the COVID-19 pandemic. At its peak, the gang compromised roughly 20 organizations weekly and amassed over $150 million in ransom payments. After Ryuk’s shutdown in 2020, many of its members joined the Conti ransomware operation, which later disbanded in 2022 following a major data leak.
Vardanyan was indicted in February 2024 by a federal grand jury in Portland and faces up to 15 years in prison on two charges, along with fines of $250,000 each. As part of his plea agreement, he has agreed to pay over $1.1 million in restitution. His sentencing is scheduled for September 2026.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2018
785
Breach
01 Apr 2018 • THR
Texas Health Resources
Email Incident at Texas Health Resources
719
HIGH-66
TEX203427622
Texas Health Resources notified fewer than 4,000 patients about an email incident last year.
An unauthorized third party may have gained access to some Texas Health email accounts.
Law enforcement indicated this was part of a larger incident affecting multiple entities across the country and did not just affect Texas Health entities and patients.
Some patients’ information may have been in the affected email accounts.
It may have included patients’ names, medical record numbers, dates of birth, addresses, insurance information, clinical information, and in some instances Social Security numbers and driver’s license and state identification numbers.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for THR ??
What was THR's A.I Rankiteo Cyber Score in June 2026 ??
What was THR's A.I Rankiteo Cyber Score in May 2026 ??
What was THR's A.I Rankiteo Cyber Score in April 2026 ??
What was THR's A.I Rankiteo Cyber Score in March 2026 ??
What was THR's A.I Rankiteo Cyber Score in February 2026 ??
What was THR's A.I Rankiteo Cyber Score in January 2026 ??
What was THR's A.I Rankiteo Cyber Score in December 2025 ??
What was THR's A.I Rankiteo Cyber Score in November 2025 ??
What was THR's A.I Rankiteo Cyber Score in October 2025 ??
What was THR's A.I Rankiteo Cyber Score in September 2025 ??
What was THR's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on THR's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with THR ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view THR's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?