Health Tech Giant TriZetto Confirms Massive Data Breach
TriZetto, a leading health tech company owned by multinational conglomerate Cognizant, has disclosed a major data breach affecting over 3.4 million individuals. The cyberattack, which took place in 2024, went undetected for almost a year, raising concerns about the security measures in place.
The company, known for serving around 200 million people and 875,000 healthcare providers in the U.S., provides essential services for assessing patients’ insurance eligibility for medical treatments. This breach has put sensitive personal and health information at risk, including names, dates of birth, addresses, Social Security numbers, provider details, and insurance information.
According to a filing with Maine’s attorney general, hackers gained access to patients’ insurance eligibility transaction reports stored on TriZetto’s servers. While the breach was identified on October 2, 2025, it was later revealed that unauthorized access dates back to November 2024, highlighting the extent of the security lapse.
Despite the breach, not all customers were affected, as confirmed by TriZetto. However, several organizations, including OCHIN, a healthcare technology consultancy firm serving rural and community care providers, have reported compromised patient information.
TriZetto’s parent company, Cognizant, has yet to provide a detailed response on the breach and the delay in detection. This incident adds to a series of cybersecurity breaches in the health tech industry, with Change Healthcare being another notable victim in 2024.
The ransomware attack on Change Healthcare resulted in the theft of over 192 million patient files, causing widespread disruptions in healthcare services across the country. These incidents underscore the need for robust cybersecurity measures in safeguarding sensitive data and ensuring the trust and security of patients and healthcare providers.
Upcoming Techcrunch Event
San Francisco, CA
|
October 13-15, 2026
