Almost 17,000 Volvo employees have had their personal data exposed after attackers breached Conduent, an outsourcing company that manages workforce benefits and back-office services.
In a filing with the Maine Attorney General, Volvo Group North America said it learned in late January that employee data had been exposed through systems run by Conduent.
In a letter to customers, Conduent said: “On 13 January 2025, we discovered that we were the victim of a cyber incident that impacted a limited portion of our network. We immediately secured our networks and initiated an investigation with the assistance of third-party forensic experts.”
Conduent’s investigation determined that an unsanctioned third party had access to its environment betwen 21 October 2024 and 13 January 2025. The bad actors obtained files associated with customers’ current or former health plans.
“Given the nature and complexity of the data involved, Conduent has been working diligently with a dedicated review team, including internal and external experts, to conduct a detailed analysis of the affected files to identify the personal information contained therein. We are providing you with this notice upon the recent conclusion of this time-intensive data analysis as your personal information was contained in the affected files,” the company added.
“Upon discovery of the incident, we safely restored our systems and operations and notified law enforcement,” it added.
we are providing you with access to 12 or 24 months of credit monitoring and identity restoration services through Epiq at no charge to you
Conduent said it sincerely regretted the incident, and offered affected companies 12 or 14 months of Epiq’s Privacy Solutions ID for free. Those to take them up on the offer get credit monitoring with alerts, identify restoration, and dark web monitoring.
Matt Conlon, CEO & co-founder at Cytidel, said: “This incident will feel uncomfortably familiar to anyone who watched the Jaguar Land Rover breach unfold. While the operational impact here wasn’t as severe, that doesn’t justify a year-long delay in disclosure. Timely transparency matters, particularly when third-party providers hold sensitive data deep within complex supply chains.
Conlon says this highlights a growing need for organizations to have a clearer view of their critical suppliers: what data they hold, how it’s protected, and, crucially, how breaches are investigated and communicated jointly when something goes wrong.
“Security incidents are inevitable, but poor coordination and slow information sharing significantly amplify the fallout.”
One of the biggest challenges across the industry remains supply-chain visibility, Conlon adds. “Too often, security teams are forced to focus on superficial scorecards or letter-grade ratings that flag low-value issues, rather than monitoring meaningful risk indicators that reflect real-world exposure. Strong collaboration between suppliers and customers, backed by context-driven metrics, is what ultimately determines whether an incident becomes a contained issue or a long-term reputational and financial problem.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.