Conduent Services, a third-party provider of back-office support, has alerted patients of Blue Cross Blue Shield (BCBS) about a significant data breach that has compromised sensitive personal information, including Social Security numbers. In a letter sent to affected patients on October 24, Conduent acknowledged the incident, stating, “We are writing to inform you about a recent incident experienced by Conduent that may have involved some of your personal information, which came into our possession due to the services we provide to Blue Cross Blue Shield of Texas.”
The company emphasized that it is currently “unaware” of any actual or attempted misuse of the compromised data. Nevertheless, Conduent has recommended precautionary measures for customers to safeguard their information, should they feel it necessary.
The breach reportedly stems from a “cyber incident” that Conduent experienced earlier this year. Investigations revealed that an unauthorized third party accessed the network from October 21, 2024, to January 13, 2025, during which time some files related to BCBS were compromised. The notification letter reassured patients that the communication was essential due to the recent conclusion of a time-sensitive data analysis concerning the incident.
Compromised data includes not only Social Security numbers but also patients’ dates of birth and addresses. In response to the breach, Conduent is providing affected individuals with 24 months of complimentary credit monitoring and identity restoration services.
Patients were advised on several steps to protect their personal information:
-
Credit Monitoring through Kroll: Individuals can avail of 24 months of identity monitoring services by visiting enroll.kroll.com/redeem, where they can input their activation code provided in the notification letter. Enrollment must be completed by March 2026 to claim the service at no charge.
-
Free Credit Reports: Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus—Equifax, Experian, and TransUnion. Reports can be requested through annualcreditreport.com or by calling 877-322-8228.
-
Fraud Alerts: Placing a fraud alert with any of the major credit bureaus can help protect against new accounts being opened in the individuals’ names without their consent. The initial alert remains active for 90 days and can be renewed thereafter.
Additionally, Conduent’s identity monitoring services through Kroll include features such as credit monitoring alerts, fraud consultation, and access to identity restoration specialists for those facing issues related to identity theft.
As a result of this incident, Blue Cross Blue Shield patients are urged to remain vigilant and take the necessary precautions to safeguard their personal data.
