Automotive Giant Volvo Employee Information Exposed via Third-Party Conduent Data Breach

Written by: Lore Apostol, Cybersecurity Writer
Key Takeaways
  • Third-Party Breach: A data breach at HR outsourcing firm Conduent exposed the personal information of nearly 17,000 employees of Volvo Group North America.
  • Prolonged Access: Intruders had access to Conduent's systems for nearly three months, from October 21, 2024, to January 13, 2025.
  • Attributed Actor: The incident has been publicly linked to the SafePay ransomware group, which claims to have stolen multiple terabytes of data.

The personal information of nearly 17,000 Volvo Group North America employees has been exposed in a significant Conduent data breach. According to a filing with the Maine Attorney General, Volvo listed late January 2026 as the date when it discovered that its employee data was compromised.

Conduent is a major business services provider that handles HR and benefits administration for the automaker. 

Volvo Employee Data Exposed

The breach notification reveals that the attackers accessed and exfiltrated 16,991 employee health plan files from Volvo. While the full scope of exposed data varies by individual, compromised information includes employee names and potentially other elements, such as:

Conduent breach notification letter | Source: Maine Attorney General

Cybercriminals maintained access to Conduent's systems for a prolonged period, from October 21, 2024, to January 13, 2025. The timeline highlights a significant delay in discovery and notification.

Although Conduent has stated there is no evidence of data misuse, the SafePay ransomware group has claimed responsibility for the attack, alleging it stole 8.5TB of data.

Ransomware Threats

The data breach affecting Volvo employees is part of a much larger incident. Given Conduent's role in government and corporate services, updated victim totals potentially reach tens of millions, with reports indicating that 25 million Americans were affected.

The SafePay claim shows how ransomware actors are targeting the supply chain to maximize impact. Reports this month revealed that 1.4 million Betterment email addresses were exposed following a third-party social engineering incident.

In 2025, SafePay targeted the U.S. defense contractor Hardwick Tactical and IT leader Ingram Micro, emerging as the most prolific threat actor of May 2025.

