TriZetto Provider Solutions Reports Data Breach Impacting Healthcare Clients
Post Summary
A cybersecurity incident at TriZetto Provider Solutions exposed sensitive healthcare data, including protected health information.
Unauthorized access began in November 2024 and was discovered on October 2, 2025.
Historical eligibility transaction reports and protected health information were compromised.
Healthcare provider clients of TriZetto and their patients are among those impacted.
Cognizant, TriZetto’s parent company, faces multiple class-action lawsuits for failing to secure sensitive data.
TriZetto is investigating the incident, notifying affected parties, and implementing enhanced cybersecurity measures.
TriZetto Provider Solutions, a company owned by Cognizant that provides revenue management services to the healthcare industry, has disclosed a data breach affecting some of its healthcare provider clients. The breach involved unauthorized access to sensitive patient information over a period of nearly a year.
Incident Overview
On October 2, 2025, TriZetto identified suspicious activity within a web portal used by healthcare providers to access its systems. The company responded immediately by securing the portal and initiating an investigation with the help of the cybersecurity firm Mandiant. TriZetto has stated that the "threat actor has been eradicated from its system" and confirmed that no further unauthorized access has been detected since the initial breach was discovered.
However, a forensic investigation revealed that the unauthorized access began as early as November 2024. During that period, the threat actor gained access to historical eligibility transaction reports stored on TriZetto’s systems. These reports contained sensitive protected health information (PHI) related to patients served by certain healthcare providers.
sbb-itb-535baee
Compromised Data
The investigation, which concluded at the end of November 2025, determined that the breach exposed various types of personal and health-related information. This included patients' and primary insureds' names, addresses, dates of birth, Social Security numbers, health insurance member numbers (including Medicare beneficiary numbers in some cases), health insurer names, and demographic health and insurance details. TriZetto emphasized that no financial information was involved in this incident.
Notifications and Response Measures
TriZetto has notified the affected healthcare providers and shared details about the compromised data and the individuals impacted. Under the HIPAA Breach Notification Rule, affected individuals must be informed within 60 days of a HIPAA-covered entity being made aware of the data breach. TriZetto has offered to assist its healthcare clients by handling these individual notifications, as well as reporting the incident to the Department of Health and Human Services’ Office for Civil Rights, state regulators, and media outlets.
Additionally, TriZetto has pledged to cover the costs of complimentary credit monitoring, fraud consultation, and identity theft restoration services for affected individuals.
Breach Scale Unclear
While the exact number of impacted healthcare provider clients and individuals remains unknown, the company has acknowledged that the breach spanned an 11-month period. This duration suggests the potential for a significant number of records to have been compromised.
TriZetto continues to work closely with its healthcare clients to manage the fallout from this incident. Further updates from the company are expected as more details become available.
Key Points:
What is the TriZetto Provider Solutions data breach?
- A significant cybersecurity incident occurred at TriZetto Provider Solutions, a healthcare revenue management subsidiary of Cognizant.
- The breach exposed sensitive healthcare data, including protected health information (PHI), impacting healthcare provider clients and their patients.
When did the breach occur, and how was it discovered?
- Unauthorized access began in November 2024 and went undetected for nearly a year.
- The breach was discovered on October 2, 2025, when suspicious activity was identified on a web portal used by healthcare clients.
What types of data were exposed?
- The breach involved historical eligibility transaction reports and other sensitive data.
- Exposed information included protected health information (PHI), which may include patient names, medical records, and other personal details.
Who is affected by the breach?
- Healthcare provider clients of TriZetto and their patients are among those impacted.
- The breach has raised concerns across the healthcare industry due to the critical nature of the data involved.
What legal actions have been taken against Cognizant and TriZetto?
- Cognizant, TriZetto’s parent company, is facing multiple class-action lawsuits for failing to secure sensitive healthcare data.
- Allegations include delayed notification to affected individuals and inadequate cybersecurity measures.
What steps is TriZetto taking to address the breach?
- TriZetto is conducting a comprehensive investigation into the incident.
- The company is notifying affected parties and implementing enhanced cybersecurity measures to prevent future breaches.
