Cognizant Technology Solutions is facing a wave of legal challenges in the United States following a significant data breach at its subsidiary, TriZetto Provider Solutions (TPS).
The IT services giant has been hit with at least three class-action lawsuits alleging that it failed to protect sensitive healthcare data and delayed notifying victims for nearly a year.
A Year-Long Exposure
According to court filings in federal courts in New Jersey and Missouri, the security failure was extensive.
Plaintiffs allege that hackers gained unauthorized access to TriZetto’s systems as far back as November 2024. However, Cognizant reportedly did not discover the intrusion until October 2, 2025.
This timeline suggests that protected private data including Social Security numbers, financial account details, and home addresses was left exposed to cybercriminals for approximately 11 months before the company realized the breach.
The lawsuits, filed by plaintiffs from states including Arizona and California, accuse Cognizant and TPS of negligence.
The complaints argue that the companies failed to implement adequate security measures to safeguard personal information.
Furthermore, the plaintiffs criticize the company for failing to disclose the breach immediately upon discovery.
According to CNBC, legal filings contend that this delay in notification prevented victims from taking necessary steps to protect themselves from identity theft and fraud.
The complaints also highlight a lack of transparency, noting that public disclosures about the breach have provided few details on the root cause or the remedial actions being taken.
Facing growing scrutiny, Cognizant and TriZetto have maintained that data security is a priority.
A spokesperson for TriZetto stated that the company “takes the protection of information very seriously and regrets any inconvenience this incident may have caused.” The company declined to comment further on specific details, citing the active litigation.
This incident underscores the growing risks in the healthcare IT sector, where vendors handle vast amounts of sensitive patient and insurance data.
As the lawsuits proceed, they will likely focus on why the intrusion went undetected for so long and whether the company’s response met legal and ethical standards.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.