Article Title:
Cognizant’s TriZetto Data Breach Exposes Health Information of 3.4 Million Patients
Article Text:
In a significant cybersecurity incident, TriZetto Provider Solutions, a subsidiary of IT services giant Cognizant, has disclosed a data breach compromising the sensitive health information of 3,433,965 patients. The breach underscores the escalating threats targeting the healthcare sector and its supply chains.
Breach Timeline and Impact
The unauthorized access began on November 19, 2024, but remained undetected until November 28, 2025, allowing cybercriminals to infiltrate TriZetto’s external systems for over a year. During this period, attackers extracted full names and other personal identifiers linked with sensitive healthcare data. The prolonged undetected presence raises concerns about the effectiveness of network monitoring and threat detection within healthcare technology infrastructures.
On February 6, 2026, Maine’s Attorney General received the official breach notification, highlighting that 1,128 residents of Maine were among those affected. This incident ranks among the most severe healthcare supply chain breaches in recent history.
Remediation and Victim Protection
Upon discovering the breach, TriZetto initiated an incident response and began notifying affected individuals on February 6, 2026. Given the nature of the compromised data, victims face increased risks of spear-phishing attacks, medical identity theft, and financial fraud.
To mitigate potential fallout, TriZetto has partnered with security firm Kroll to offer affected patients 12 months of complimentary single-bureau credit monitoring and identity theft protection services. Cybersecurity experts advise victims to freeze their credit reports and monitor medical billing statements for unauthorized activity.
