Conduent Business Services, a third-party “back-office support” provider, has notified Blue Cross Blue Shield members that sensitive information, including Social Security numbers, may have been exposed in a recent data breach.

What did Conduent say about the data breach incident?

“We are writing to inform you about a recent incident experienced by Conduent that may have involved some of your personal information, which came into our possession due to the services we provide to Blue Cross Blue Shield of Texas,” the company told patients in an Oct. 24 letter obtained by MassLive.

In addition to Social Security numbers, the “affected files” included patient names, medical records and health insurance information, according to a notice on Conduent’s website about the incident.

The company continued that it was “unaware of any attempted or actual misuse of any information involved in this incident,” and immediately “secured our network, notified law enforcement authorities, and safely restored our systems and operations.”

When did the first cyber incident happen?

Conduent said, “On January 13, 2025, we discovered that we were the victim of a cyber incident that impacted a limited portion of our network,” adding, “Our investigation determined an unauthorized third party had access to our environment from October 21, 2024, to January 13, 2025, and obtained some files associated with Blue Cross Blue Shield.”

“We are providing you with this notice upon the recent conclusion of this time-sensitive data analysis, as your personal information was contained in the affected files,” the company continued.

In addition to the notice, Conduent has offered affected customers 24 months of free credit monitoring and identity restoration services, according to MassLive.

Helpful security tips and offers for customers

Conduent shared helpful cybersecurity tips Blue Cross Blue Shield customers can use to protect themselves and their private information:

Enroll in Kroll identity monitoring

  • Visit enroll.kroll.com/redeem.
  • Enter activation code from the notification letter.
  • Enroll by March 2026 to receive 24 months of free monitoring.

Request a free credit report

  • Customers will have one free credit report per year from each of the three major credit bureaus: Equifax, Experian, and TransUnion.
  • Request at annualcreditreport.com or call 877-322-8228.

Place a fraud alert

  • Call any one of the three credit bureaus to place an alert.
  • The alert lasts 90 days and can be renewed.
  • Creditors will contact customers before opening new accounts or making changes to existing ones.