Search

Cognizant TriZetto Breach Exposes Health Data of 3.4 Million Patients

Cyber threats and incidents
By John Kevin Hao
Credit: Cognizant

Related

Cyber threats and incidents

South Korea Fines Coupang $400M Over Data Breach Affecting Millions

What happened South Korea fined online retail giant Coupang more...
Read more
Cyber threats and incidents

ServiceNow Discloses Security Incident Exposing Customer Data

What happened ServiceNow disclosed a security incident after attackers exploited...
Read more
Cyber threats and incidents

Lansing Community College Data Breach Impacts 174,000 People

What happened Lansing Community College is notifying more than 174,000...
Read more
Cyber threats and incidents

SoFi Confirms Third-Party Data Breach at Hong Kong Subsidiary

What happened SoFi Hong Kong confirmed a data breach after...
Read more
Cyber threats and incidents

Meta AI Support Data Breach Affects Over 20,000 Instagram Accounts

What happened Meta revealed that more than 20,000 Instagram users...
Read more

Share

What happened

TriZetto Provider Solutions, a healthcare IT company owned by Cognizant, disclosed a data breach that exposed sensitive health and personal information belonging to approximately 3,433,965 individuals. The company detected suspicious activity on a web portal on October 2, 2025, but an investigation found that unauthorized access began nearly a year earlier on November 19, 2024. During this period, attackers accessed records linked to insurance eligibility verification transactions used by healthcare providers to confirm patient coverage. The exposed information varies by individual and may include names, addresses, dates of birth, Social Security numbers, health insurance member numbers, Medicare beneficiary identifiers, provider names, and other demographic and insurance details. TriZetto stated that payment card and bank account information were not exposed and reported the incident to law enforcement. 

Who is affected

Patients whose insurance verification data was processed through TriZetto Provider Solutions systems are affected, with more than 3.4 million individuals’ personal and healthcare-related information exposed in the breach. 

Why CISOs should care

The incident highlights the risks associated with healthcare IT platforms that handle large volumes of insurance and patient data, where compromise of a single vendor system can expose sensitive information across multiple healthcare providers. 

3 practical actions

  1. Audit vendor access to patient data. Review third-party healthcare platforms that process insurance and patient verification records.
  2. Monitor for identity and healthcare fraud indicators. Track unusual activity involving exposed Social Security numbers or insurance identifiers.
  3. Strengthen third-party risk management controls. Evaluate security practices and incident response processes of healthcare technology vendors.

Stay updated on the latest data breach incidents affecting organizations, governments, and technology providers worldwide. Explore more coverage of major breaches and exposed data.

IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.

Previous article
FBI Investigates Breach of Surveillance and Wiretap Systems
Next article
Aviation Cybersecurity Leaders to Watch in the Netherlands

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.