Photo by BleepingComputer on BleepingComputer
What happened
TriZetto Provider Solutions (owned by Cognizant) disclosed unauthorized access to systems handling insurance eligibility verification transactions, with exposure beginning on November 19, 2024 and detected on October 2, 2025.
A filing with the Maine Attorney General lists 3,433,965 impacted individuals.
Data potentially exposed
- Full name
- Physical address
- Date of birth
- Social Security number
- Health insurance member number
- Medicare beneficiary identifier
- Provider and insurer information
- Additional demographic and health-insurance-related data
TriZetto said payment card and bank account data were not exposed.
Why this matters
This is a high-impact healthcare-sector breach involving identity and insurance data that can support long-tail fraud, medical identity theft, and targeted social engineering.
The timeline also underscores delayed-notification risk: unauthorized access reportedly began in 2024, while broad consumer notifications started in 2026.
Recommended actions
- Impacted individuals should activate the offered credit/identity monitoring and place fraud alerts where appropriate.
- Healthcare entities should assess downstream risk from shared eligibility transaction data.
- Security teams should review vendor access pathways, portal authentication controls, and data minimization for eligibility workflows.
- Compliance teams should revisit breach-notification playbooks to reduce delay between discovery and consumer notification.
Bottom line
Large healthcare IT intermediaries remain high-value targets. Organizations should treat third-party eligibility and claims ecosystems as core attack surface, not peripheral risk.