TriZetto Provider Solutions is a healthcare IT subsidiary of Cognizant Technology Solutions that provides revenue cycle management and claims processing services to physicians, hospitals, and health systems. TriZetto has experienced a significant data breach of patient information.
What Happened
- Unauthorized Access Discovered (Oct 2, 2025)
TriZetto identified suspicious activity on a web portal used by healthcare provider clients. The portal was used to access eligibility and related reports. As soon as the activity was found, TriZetto secured the portal and brought in external cybersecurity experts to investigate.
- Long Undetected Access (Nov 2024 – Oct 2025)
Forensic analysis showed that the breach likely began in November 2024, meaning the threat actor had unauthorized access for nearly 11 months before discovery.
What Data Was Involved
The breach exposed sensitive personal and health information (often called PHI — Protected Health Information) of individuals associated with healthcare provider clients. This potentially includes:
- Patient and insured names
- Addresses and dates of birth
- Social Security numbers
- Health insurance member numbers (including Medicare numbers)
- Health insurer names and related demographic/insurance info
Importantly: According to internal reports, financial account numbers (like bank or credit card numbers) were not part of this breach. (DistilINFO Publications)
Class-Action Lawsuits
Cognizant (and its subsidiary TriZetto) are now facing multiple class-action lawsuits in U.S. federal courts (including New Jersey and Missouri) alleging that:
- They failed to adequately protect individuals’ data.
- They did not detect or disclose the breach in a timely way, leaving sensitive information exposed for many months.
- Delayed notification hindered affected people from protecting themselves against identity theft and fraud. (Cyber Security News)
Here are practical actions healthcare providers should take after (or in response to) a breach like the TriZetto incident. It is important to remember that even though the breach occurred at TriZetto, if your patient data was involved, YOU are the Covered Entity. The breach is ultimately your responsibility.
1. Make sure your HIPAA Security Manual and Risk Mitigation Plan are up to date
- Determine when you last updated your HIPAA Security Manual.
- Make sure all of your employees are up to date on their HIPAA training.
- If your HIPAA Manual is not up to date and your employees are not trained, a possible HIPAA investigation becomes much more difficult for your practice.
2. Confirm Impact to Your Organization
- Determine whether your data was involved by reviewing TriZetto/Cognizant notifications and data scope details.
- Identify which patients, plan members, or employees are affected.
- Document what data elements were exposed (e.g., SSNs, member IDs, demographics).
3. Meet Legal & Regulatory Obligations
- HIPAA Breach Notification Rule:
  - Notify affected individuals without unreasonable delay (and no later than 60 days).
  - Notify HHS (and state regulators if required).
  - If 500+ individuals are affected in a state/jurisdiction, notify the media as required.
- Coordinate with legal counsel to ensure timelines, content, and jurisdictional rules are met.
4. Communicate Clearly With Patients
- Provide notices that:
  - Explain what happened and what information was involved
  - Describe what you are doing to protect them
  - Outline steps patients can take to protect themselves
5. Strengthen Vendor & Third-Party Risk Management
- Reassess TriZetto (and other vendors) by:
  - Reviewing Business Associate Agreements (BAAs)
  - Confirming security controls, logging, and monitoring practices
6. Improve Internal Security Controls
Even if the breach occurred at a vendor:
- Review access pathways (portals, APIs, file transfers).
- Enforce:
  - Multi-factor authentication (MFA)
  - Least-privilege access
  - Regular credential rotation
- Improve log monitoring and alerting for third-party connections.
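As an added illustration of the log monitoring point (this example is not part of the original article and is not TriZetto's or any vendor's code), the Python below profiles each third-party account's usual source networks and daily record volume, then flags later activity outside that profile. The log format, the account name `svc-clearinghouse`, the function names, and the 3x threshold are all assumptions chosen for the example.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample log (format and values are assumptions):
# ISO timestamp, vendor account, source IP, records returned.
SAMPLE_LOG = """\
2025-09-01T09:02:11 svc-clearinghouse 198.51.100.14 120
2025-09-01T14:30:45 svc-clearinghouse 198.51.100.20 95
2025-09-02T09:05:02 svc-clearinghouse 198.51.100.14 130
2025-09-03T09:01:57 svc-clearinghouse 198.51.100.14 110
2025-09-04T02:13:09 svc-clearinghouse 203.0.113.77 4200
2025-09-04T09:03:30 svc-clearinghouse 198.51.100.14 125
this line is malformed
"""

def parse(log_text):
    """Yield (time, account, /24 network, records); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        try:
            ts, acct, ip, count = parts
            net = ipaddress.ip_network(ip + "/24", strict=False)
            yield datetime.fromisoformat(ts), acct, net, int(count)
        except ValueError:
            continue

def find_alerts(log_text, baseline_end, volume_factor=3):
    """Profile each account before baseline_end, then flag later activity
    from unseen networks or above volume_factor x the peak daily volume."""
    cutoff = datetime.fromisoformat(baseline_end)
    known_nets = defaultdict(set)
    base_daily = defaultdict(lambda: defaultdict(int))
    new_daily = defaultdict(lambda: defaultdict(int))
    alerts = []
    for ts, acct, net, count in sorted(parse(log_text), key=lambda e: e[0]):
        if ts < cutoff:
            known_nets[acct].add(net)
            base_daily[acct][ts.date()] += count
            continue
        new_daily[acct][ts.date()] += count
        if net not in known_nets[acct]:
            alerts.append((ts.isoformat(), acct, "new-source-network", str(net)))
    for acct, days in new_daily.items():
        peak = max(base_daily[acct].values(), default=0)
        for day, total in sorted(days.items()):
            if total > volume_factor * peak:
                alerts.append((day.isoformat(), acct, "volume-spike", str(total)))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG, "2025-09-04T00:00:00"):
        print(alert)
```

An account with no baseline history has a peak of zero and no known networks, so its first activity is always flagged for review.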
7. Prepare for Legal & Financial Fallout
- Preserve evidence and communications related to the incident.
- Coordinate with insurers if you have cyber liability coverage.
- Track costs related to notifications, credit monitoring, legal fees, and remediation.
8. Rebuild Trust
- Be transparent without over-sharing sensitive details.
- Communicate security improvements you’re making.
- Demonstrate accountability and responsiveness—this matters greatly in healthcare.
In short:
Notify → Protect patients → Secure systems → Hold vendors accountable → Learn and improve.
If your practice was involved, your patients may be eligible to join a class action lawsuit related to the TriZetto Provider Solutions data breach (the breach Cognizant is facing lawsuits over as of early 2026). Here is what they should know, and information you may want to share with them:
1. First: Confirm You Were Affected
Before you join any lawsuit, make sure your personal information was actually exposed in the TriZetto breach.
You’re likely affected if you:
- Received a breach notification letter or email from TriZetto or your healthcare provider.
- Were told your personally identifiable information (name, birthdate, SSN, insurance numbers, etc.) was compromised.
Keep a copy of any notification—you’ll need it when signing up.
2. Find an Active Class Action or Attorney Investigating It
Data breach class actions aren’t automatic—you typically need to opt in or contact an attorney handling the case.
Law Firms Investigating the TriZetto Breach
- Levi & Korsinsky, LLP is publicly investigating whether affected individuals may be entitled to compensation and is offering free participation. You can reach out for a free case evaluation.
Websites Where You Can Sign Up
Some sites collect potential plaintiffs and connect them with attorneys if a class action has been filed:
- JoinClassActions.com has a page specifically for TriZetto Provider Solutions data breach claims where you can submit your information for evaluation.
- Organizations like ClassActionU.org also connect you with lawyers handling healthcare data breach suits.
On these sites, there’s typically a form to:
- Enter your contact info
- Confirm you received a breach notice
- Submit documentation (e.g., the breach letter)
There’s usually no cost to sign up or talk to a lawyer.
3. What Happens After You Sign Up
Once you submit your information:
- A law firm will review whether you qualify based on the breach details (e.g., the type of data exposed).
- If a class action has already been filed in court, they may contact you to formally join the class.
- If no class action is yet filed, they may help initiate one or include you in a related collective action.
Participation does not guarantee compensation—it depends on how the case proceeds and whether the court approves any settlement.
4. Costs & Fee Structure
- Most plaintiffs in these data breach cases don’t pay upfront legal fees.
- Attorneys typically work on a contingency basis (they get paid only if the case wins or settles).
- You won’t pay anything just to sign up or talk to a lawyer.
5. Read Any Notices Carefully
If you receive a court-approved notice later (once a class is certified or a settlement is proposed), it will explain:
- Who qualifies as a class member
- How to file a claim
- Deadlines for registration
- Whether you can opt out of the class to pursue your own lawsuit instead
This is similar to other breach notice procedures in class actions.
⚠️ Tips & Precautions
- Only sign up through reputable sources. Avoid unsolicited calls/texts that ask for sensitive info beyond what’s necessary.
- Don’t pay anyone to find or join the lawsuit—lawyers in these cases are usually paid from any future recovery.
If you need assistance with responding to a breach, or with keeping your HIPAA manual up to date, please contact TLD Systems at (631) 403 6687.
** AI was utilized to assist with writing this article
