TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people.
The firm, which has been operating under the Cognizant umbrella since 2014, disclosed that it detected suspicious activity on a web portal on October 2, 2025, and launched an investigation with the help of external cybersecurity experts.
The investigation revealed that unauthorized access began nearly a year before, on November 19, 2024.
During the exposure period, the threat actors accessed records relating to insurance eligibility verification transactions, which are part of the process providers use to confirm a patient’s insurance coverage before treatment.
The types of data that have been exposed vary per individual, and may include one or more of the following:
- Full names
- Physical address
- Date of birth
- Social Security number
- Health insurance member number
- Medicare beneficiary identifier
- Provider name
- Health insurer name
- Demographic, health, and insurance information
Affected providers were alerted on December 9, 2025, but customer notification started in early February 2026. According to a filing Maine’s Attorney General submitted today, the number of exposed individuals is 3,433,965.
TriZetto says that payment card, bank account, or other financial information was not exposed in this incident.
Also, the company is not aware of any cases where cybercriminals have attempted to misuse this information.
TriZetto says it has taken steps to strengthen cybersecurity on its systems and informed law enforcement authorities of the incident.
Notification recipients are offered free 12-month coverage of credit monitoring and identity protection services from Kroll to help mitigate risks arising from compromised data.
BleepingComputer has contacted TriZetto to learn more about the nature of the security breach and why the firm delayed notifications to consumers for several months, but we have not received a response by publication time.
No ransomware groups have taken responsibility for the attack yet, and no data leaks linked to TriZetto have appeared on underground forums.
Cognizant itself was rumored to have suffered a Maze ransomware breach in 2020. In June 2025, Clorox sued the IT firm for gross negligence after it allegedly let Scattered Spider operatives into its network following a social engineering attack in September 2023.
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
