Cognizant’s TriZetto Subsidiary Reports Data Breach Affecting 3.4 Million Patients

Broken padlock over medical records illustrating data breach

TriZetto Provider Solutions, a healthcare-technology subsidiary of Cognizant, has disclosed a large data breach that exposed the protected health information of 3,433,965 patients. The company classified the incident as an external system hacking event after threat actors gained unauthorized access to TriZetto’s external infrastructure.

Timeline and discovery

Initial unauthorized access occurred on November 19, 2024.
TriZetto did not detect the intrusion until November 28, 2025, meaning the intrusion persisted undetected for just over a year.
TriZetto began notifying affected individuals on February 6, 2026, and filed formal breach notice materials with regulators; Maine’s Attorney General was notified and the filing identified 1,128 affected Maine residents.

What was exposed

According to the notification, attackers extracted full names and other personal identifiers combined with sensitive healthcare information from compromised systems. The filing does not indicate that financial account credentials were exposed but notes that the combination of identifiers and medical data increases risks such as targeted phishing, medical identity theft, and financial fraud for affected individuals.

Remediation and support

TriZetto engaged incident response efforts and retained security firm Kroll to assist. The company is offering impacted patients 12 months of complimentary single-bureau credit monitoring and identity-theft protection services as part of its remediation and notification process.

Practical next steps for affected individuals (consistent with expert guidance)

Review any written notice from TriZetto for specific instructions and enrollment details for offered identity protection services.
Monitor medical billing statements and Explanation of Benefits (EOBs) for unusual or unauthorized charges.
Consider placing a credit freeze or fraud alert with the major credit bureaus if recommended or available in your jurisdiction.
Be cautious of unsolicited communications that request personal information and treat unexpected messages about medical or billing matters as potential phishing attempts.

Why this matters

This breach underscores persistent risks in the healthcare supply chain and the consequences of long dwell times for intrusions. The exposure of identifying information tied to medical records can enable complex forms of fraud that may take months to detect and remediate.