TriZetto Provider Solutions, a healthcare technology subsidiary of the IT services giant Cognizant, has officially disclosed a massive cybersecurity data breach affecting the sensitive health information of 3,433,965 patients.
The healthcare organization recently filed a formal data breach notification revealing that malicious threat actors successfully compromised their external systems.
This extensive breach heavily underscores the ongoing security threats directly targeting the healthcare supply chain and vital third-party service providers.
Breach Timeline and Attack Impact
The unauthorized external network access initially occurred on November 19, 2024. However, the organization did not officially discover the intrusion until November 28, 2025.
This severe security dwell time allowed the malicious attackers to remain completely undetected inside TriZetto’s external infrastructure for slightly over an entire year.
The breach is currently classified as an external system hacking incident. During the intrusion, cybercriminals successfully extracted full names and other critical personal identifiers directly combined with sensitive healthcare data.
This extensively delayed discovery raises immediate critical questions about network monitoring capabilities and threat hunting practices within the broader healthcare technology sector.
Maine’s Attorney General received the official breach notice on February 6, 2026, submitted by legal counsel Edward Zacharias from McDermott Will & Schulte.
While millions are impacted nationwide, the filing specifies that 1,128 victims are residents of Maine. The massive scale of this data exfiltration event easily places it among the largest and most severe healthcare supply chain breaches reported recently.
| Incident Metric | Technical Details |
|---|---|
| Target Organization | TriZetto Provider Solutions (Earth City, MO) |
| Total Victims Impacted | 3,433,965 |
| Attack Vector | External System Breach (Hacking) |
| Initial Compromise | November 19, 2024 |
| Intrusion Discovered | November 28, 2025 |
Following the eventual discovery of the compromised infrastructure, TriZetto initiated an incident response investigation and began officially notifying affected consumers on February 6, 2026.
Because the stolen databases include highly sensitive personal identifiers linked with medical records, impacted victims now face a significantly elevated risk of targeted spear-phishing campaigns, medical identity theft, and severe financial fraud.
The technology provider is currently delivering written notification letters to all affected patients to maintain strict compliance with regulatory breach disclosure laws.
To help mitigate the potential ongoing fallout from this massive data exposure, TriZetto partnered directly with the security firm Kroll.
The company is currently offering affected patients 12 months of complimentary single-bureau credit monitoring and dedicated identity theft protection services.
Independent cybersecurity researchers strongly advise all affected patients to proactively freeze their credit reports and continuously monitor their personal medical billing statements for any unauthorized or fraudulent healthcare claims.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
