Skip to main content

NEWS

09 MarNotice of Cybersecurity Incident: Conduent, Inc.


Western Growers Health recently received notification from Elevance Health (Anthem), one of our service providers, regarding a cybersecurity incident involving one of Elevance Health’s vendors, Conduent Inc. We are sharing this information to keep our participating employers informed and to provide context regarding communications some employees may receive.

What Happened

Conduent Inc., a third-party service provider used by Elevance Health, discovered on January 13, 2025, that it had experienced a cybersecurity incident involving unauthorized access to certain systems between October 21, 2024 and January 13, 2025. Conduent provides services to Elevance Health that support certain administrative functions, including printing and mailing correspondence, digitizing incoming paper correspondence, and performing payment integrity audits.

Western Growers Health does not contract directly with Conduent. Rather, Conduent provides services to Elevance Health, which in turn provides administrative and network services that support Western Growers Health benefits. In this sense, Conduent functions as a vendor to a vendor within the broader healthcare administrative ecosystem.

Elevance Health has advised that the incident occurred within Conduent’s environment and did not compromise Elevance Health’s network or systems, nor the systems operated by Western Growers Health.

Information Potentially Involved

According to information provided by Elevance Health and Conduent, the data that may have been accessed could include certain member information associated with health plan administration. Depending on the individual, this may include:

  • Name
  • Date of birth
  • Health insurance identification number
  • Patient ID number assigned by a provider
  • Group policy number
  • Treatment cost information
  • In some cases, Social Security number

Not all data elements were involved for every individual.

Member Notification

Conduent is responsible for notifying affected individuals. As part of that process, Conduent has begun sending notification letters directly to impacted members, which may include employees or dependents enrolled in Western Growers Health coverage through participating employers.

Due to the scope and complexity of the incident, notifications are being issued in multiple phases as impacted individuals are identified. As a result, some individuals may receive notifications at different times.

The notification letters provide additional details about the incident and include information about complimentary credit monitoring and identity protection services available to impacted individuals.

Actions Taken

Conduent reports that it has taken several steps to contain and remediate the incident, including:

  • Engaging leading cybersecurity experts to investigate the incident
  • Working with federal law enforcement, including the FBI
  • Identifying and isolating impacted systems
  • Resetting compromised accounts and strengthening authentication controls
  • Rebuilding and securing affected infrastructure
  • Enhancing monitoring and detection capabilities across its systems

Western Growers Health Commitment to Security

Protecting the privacy and security of member information is a top priority for Western Growers Health. While this incident occurred within a third-party vendor environment and did not involve Western Growers Health systems, we take these matters seriously.

We continue to work closely with Elevance Health to monitor the situation and ensure appropriate safeguards are maintained across the vendors that support our benefit programs.

Questions

Employers whose employees receive notification letters from Conduent do not need to take any action on behalf of the plan. Employees who receive a notice should follow the instructions in the letter if they wish to enroll in the offered credit monitoring services.


Western Growers Health – Employer FAQ
Conduent Cybersecurity Incident

Western Growers Health is providing the following information to help participating employers understand the recent cybersecurity incident involving Conduent Inc., a vendor used by Elevance Health (Anthem), which provides certain administrative services supporting Western Growers Health benefits.

  1. What happened?
    Conduent Inc., a third-party vendor used by Elevance Health, discovered on January 13, 2025 that it had experienced a cybersecurity incident involving unauthorized access to certain systems between October 21, 2024 and January 13, 2025. Conduent provides services that support certain administrative functions for Elevance Health, including printing and mailing correspondence, digitizing incoming paper correspondence, and performing payment integrity audits.

Western Growers Health does not contract directly with Conduent. Conduent provides services to Elevance Health, which in turn provides services supporting Western Growers Health health plan administration.

 

  1. Were Western Growers Health systems affected?
    No. Elevance Health has advised that the incident occurred within Conduent’s environment and did not involve or compromise the networks or systems of Elevance Health or Western Growers Health.

 

  1. What information may have been involved?
    According to Elevance Health and Conduent, the information that may have been accessed could include certain member data used for health plan administration. Depending on the individual, this may include:
  • Name
  • Date of birth
  • Health insurance identification number
  • Patient ID number assigned by a provider
  • Group policy number
  • Treatment cost information
  • In some cases, Social Security number

Not all data elements were involved for every individual.

 

  1. Will employees receive a notification letter?
    Conduent is responsible for notifying affected individuals. If an employee or dependent’s information was involved, they may receive a notification letter directly from Conduent explaining the incident and the resources available to them.

Because the incident involved multiple data sources and a large volume of records, notifications are being issued in several waves as impacted individuals are identified.

 

  1. What should employers do if employees receive a letter?
    No action is required from employers. Employees who receive a notification letter should review the information provided and may follow the instructions in the letter to enroll in the complimentary credit monitoring and identity protection services being offered.

 

  1. Why might an employee receive more than one letter?
    Because the incident involved multiple systems and datasets, an individual’s information could potentially appear in more than one data set. If this occurs, an individual may receive more than one notification letter.

 

  1. What steps has Conduent taken in response to the incident?
    Conduent reports that it has taken several remediation and security measures, including:
  • Engaging cybersecurity experts to investigate the incident
  • Working with federal law enforcement
  • Identifying and isolating impacted systems
  • Resetting compromised accounts and strengthening authentication controls
  • Rebuilding affected systems and enhancing monitoring capabilities

 

  1. Who should employees contact with questions?
    Employees who receive a notification letter should follow the contact instructions included in that letter. The notice will include contact information and details about available credit monitoring services.

Western Growers Health takes the privacy and security of member information seriously and continues to work closely with our service providers to ensure appropriate safeguards are maintained across the systems and vendors that support our health plan programs.