TEXAS (KXXV) — Texas Attorney General Ken Paxton has launched an investigation into what he calls potentially the largest data breach in U.S. history, issuing legal demands for information from Blue Cross Blue Shield of Texas and Conduent Business Services LLC.
The breach of Conduent's system happened between Oct. 21, 2024, and Jan. 13, 2025, exposing sensitive personal data of approximately 4 million Texans. An unauthorized third party accessed protected health information of Texas residents, including Texas Medicaid recipients.
"The Conduent data breach was likely the largest breach in U.S. history," Paxton said. "If any insurance giant cut corners or has information that could help us prevent breaches like this in the future, I will work to uncover it."
Paxton issued Civil Investigative Demands to both companies, requiring them to provide documents and information related to the breach investigation.
"Texans deserve to know that their private health information is being handled responsibly and in full compliance with the law," Paxton said. "My office is committed to uncovering exactly what went wrong, taking action to protect Texas families, and ensuring there is justice for any negligence."
Blue Cross Blue Shield of Texas is among multiple entities affected by the Conduent data breach. The attorney general is demanding evidence of the insurance company's compliance with state law regarding confidential information protection.
The investigation will also look into Conduent's security measures, communications and compliance with Texas law.
Below is a statement provided to 25 News by Conduent:
"From the outset of this incident, we acted promptly and in alignment with incident‑response protocols to contain and investigate the issue. We engaged leading third‑party cybersecurity experts, disclosed the incident through an 8-K filing, notified clients and relevant authorities, and worked to support those impacted by the event, including most recently sending notifications on clients’ behalf. To date, there is no evidence that any underlying data has been misused, posted, or made publicly available, and we continue to monitor closely.
We look forward to working cooperatively with the Texas Attorney General's Office to provide the relevant information, consistent with our longstanding practice of constructive engagement with regulators."
This story has been converted to this platform with the assistance of AI. Our editorial team verifies all reporting on all platforms for fairness and accuracy.
