Conduent Business Services, a third-party vendor handling print, mail, and back-office operations for Elevance Health (Anthem), suffered a data breach that exposed personal information belonging to Elevance Health plan members. The breach originated at the vendor layer, meaning Elevance Health’s own infrastructure was not directly compromised, but member data processed by Conduent was exposed. Business risk centers on potential HIPAA liability, member notification obligations, and reputational harm tied to a downstream vendor the organization does not directly control.