Conduent, a major US government technology provider, suffered a significant data breach in January 2025, exposing the personal information of over 25 million individuals. Initially reported to impact 10.5 million people in Oregon, subsequent disclosures revealed that nearly 15.4 million residents of Texas, roughly 50% of the state's population, were affected. The breach involved the theft of sensitive data including names, Social Security numbers, and health information through a ransomware attack involving SafePay ransomware, which exfiltrated over 8 TB of data. The incident disrupted government services such as Medicaid payments and child support disbursements, highlighting the reliance of state agencies on private contractors. The breach is part of a broader pattern targeting critical service providers, with Conduent having experienced previous ransomware attacks. Regulatory filings now indicate that the breach was far more extensive than initially acknowledged, with potential material costs for notification, legal actions, and regulatory penalties. The incident underscores the importance of robust cybersecurity measures, transparency, and the human impact of data breaches, as victims face long-term risks of identity theft and financial harm. Conduent is now under pressure to complete investigations, notify affected parties, and restore trust, while the wider industry is reminded of cybersecurity as a fundamental business risk.