TriZetto Provider Solutions Data Breach Impacts 3.4 Million Patients
A data breach at TriZetto Provider Solutions, a healthcare IT company specializing in software and services for health insurers and providers, has exposed the sensitive information of over 3.4 million individuals. The breach, impacting clients of the Cognizant-owned company, involved unauthorized access to data spanning nearly a year.
Breach Timeline and Discovery
TriZetto detected suspicious activity on a web portal on October 2, 2025, initiating an investigation with external cybersecurity experts. However, the investigation revealed that unauthorized access began as early as November 19, 2024. BleepingComputer first reported on the incident.
Data Compromised
The compromised data relates to insurance eligibility verification transactions – a crucial step for providers to confirm patient insurance coverage before treatment. The types of data exposed vary per individual but may include:
- Full names
- Physical address
- Date of birth
- Social Security number
- Health insurance member number
- Medicare beneficiary identifier
- Provider name
- Health insurer name
- Demographic, health, and insurance information
Notification and Response
Affected providers were initially alerted on December 9, 2025, with customer notifications beginning in early February 2026. According to a filing with Maine’s Attorney General, the total number of individuals affected is 3,433,965. TriZetto has stated that payment card, bank account, or other financial information was not exposed.
Currently, TriZetto reports no evidence of cybercriminals misusing the compromised information. The company is offering affected individuals 12 months of free credit monitoring and identity protection services through Kroll to mitigate potential risks.
Ongoing Investigations and Previous Incidents
Whereas no ransomware groups have claimed responsibility for the attack, and no data leaks have surfaced on underground forums, the breach raises concerns about the security practices of Cognizant and its subsidiaries. Cognizant faced a rumored Maze ransomware breach in 2020 and was recently sued by Clorox in June 2025 for alleged negligence that allowed Scattered Spider operatives access to its network following a social engineering attack in September 2023.
Impacted Healthcare Providers
The breach has impacted a number of healthcare providers, including:
- Asian Americans for Community Involvement
- Axis Community Health
- Baltimore City Health Department
- Bay Area Community Health
- Benton County Health
- Best Care
- CE-Edinger Medical Group
- Chattanooga C.A.R.E.S. D/b/a Cempa Community Care
- Deschutes County Health Services
- Friends of Family Health Center
- Gardner Health Services
- Harmony Health Medical Clinic and Family Resource Center
- Indian Health Center of Santa Clara Valley
- Ko-Kwel Wellness Center
- La Clinica de la Raza
- La Pine Community Healthcare Center
- Lifelong Medical Care
- Lynn Community Health
- Mendocino Community Health Clinic
- Mission Neighborhood Health Center
- Native American Health Center
- OLE Health (dba CommuniCare + OLE)
- One Community Health
- Open Door Community Health Centers
- Petaluma Health Center
- Planned Parenthood Northern California
- Share Ourselves
- San Francisco Community Health Center
- Riverland Community Health
Cognizant is currently facing multiple class-action lawsuits related to the data security failures.
Looking Ahead
The TriZetto breach underscores the growing threat landscape facing the healthcare industry. Healthcare organizations and their IT partners must prioritize robust cybersecurity measures and proactive threat detection to protect sensitive patient data. Continued vigilance and investment in security infrastructure are essential to mitigate the risk of future incidents.