Cognizant TriZetto breach exposes health data of 3.4 million patients
Source: Bleeping Computer
Breach Overview
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, suffered a data breach that exposed the sensitive information of over 3.4 million people.
Operating under the Cognizant umbrella since 2014, the firm disclosed that it detected suspicious activity on a web portal on October 2, 2025 and launched an investigation with external cybersecurity experts. The investigation revealed that unauthorized access began nearly a year earlier, on November 19, 2024.
During the exposure period, threat actors accessed records related to insurance eligibility verification transactions—part of the process providers use to confirm a patient’s insurance coverage before treatment.
Data Exposed
The types of data exposed vary per individual and may include one or more of the following:
- Full names
- Physical address
- Date of birth
- Social Security number
- Health insurance member number
- Medicare beneficiary identifier
- Provider name
- Health insurer name
- Demographic, health, and insurance information
Affected providers were alerted on December 9, 2025, but customer notification started in early February 2026. According to a filing submitted by Maine’s Attorney General, the number of exposed individuals is 3,433,965【source】.
TriZetto confirmed that payment card, bank account, or other financial information was not exposed, and the company is not aware of any cases where cybercriminals have attempted to misuse the information.
Response and Mitigation
- TriZetto has taken steps to strengthen cybersecurity on its systems.
- Law enforcement authorities have been informed of the incident.
- Notification recipients are offered free 12‑month coverage of credit monitoring and identity protection services from Kroll.
BleepingComputer contacted TriZetto for more details about the breach and the delayed consumer notifications but had not received a response at the time of publication. No ransomware groups have claimed responsibility, and no data leaks linked to TriZetto have appeared on underground forums.
Additional Context
- Cognizant was rumored to have suffered a Maze ransomware breach in 2020【source】.
- In June 2025, Clorox sued Cognizant for gross negligence after the firm allegedly allowed Scattered Spider operatives into its network following a social‑engineering attack in September 2023【source】.
