TriZetto Provider Solutions Breach Exposes Data of 3.4 Million Patients
A breach at TriZetto Provider Solutions, a Cognizant subsidiary, has compromised the personal and health insurance information of over 3.4 million patients.
TriZetto Provider Solutions (TPS), a subsidiary of Cognizant Technology Solutions, has disclosed a data breach affecting more than 3.4 million patients. The incident, discovered on October 2, 2025, involved unauthorized access to a web portal used by some of its healthcare provider customers, according to a notification filed with the Office of the Maine Attorney General.
TPS provides claims management, billing services, and other software for the healthcare sector, including hospitals, physician practices, and insurers. The company stated that while no payment card, bank account, or financial details were taken, the exposed data includes names, addresses, dates of birth, Social Security numbers, health insurance member numbers (including Medicare identifiers), provider names, health insurer names, primary insured information, and other demographic, health, and health insurance details.
The breach was discovered after TPS detected suspicious activity in the web portal. The company said it immediately launched an investigation with the help of law enforcement and security partners and has since implemented additional security protocols. It remains unclear what specific measures were taken, though TPS's website claims its platform is certified to SOC 2, EHNAC, and HITRUST standards. The firm is offering credit monitoring services to affected individuals.
This incident adds to a history of security challenges for parent company Cognizant. In April 2020, the company suffered a ransomware attack by the Maze group that resulted in expected costs of $50–70 million. More recently, Cognizant was sued by Clorox after a 2023 cyberattack allegedly stemmed from a helpdesk staffer resetting an employee password without following security protocols, enabling a threat actor to access Clorox's network in a breach that cost the cleaning products company $49 million.
The TriZetto breach underscores the persistent risks facing the healthcare sector, where sensitive patient data is a prime target for cybercriminals. With millions of individuals affected, the incident highlights the need for robust security measures and rapid incident response in healthcare IT environments.