- The TriZetto Provider Solutions breach exposed sensitive data from over 700,000 people
- Stolen information includes names, SSNs, insurance information and membership numbers
- Breach led to class-action lawsuit against Cognizant, TPS’s parent company
The number of people affected by the TriZetto Provider Solutions (TPS) data breach is now believed to have exceeded 700,000 people – far more than first thought.
Deschutes County Health Services (DCHS), one of TPS’ customers, confirmed the news in a recent data breach notice posted on its website.
In the data breach notification letter, it said that TPS discovered unauthorized activity in October 2025 and launched an investigation, which determined that threat actors broke in almost a year earlier – in November 2024. Since then, they have exfiltrated sensitive personal and health data on more than 700,000 people.
Blackmailing the victims
The data belongs to TPS’ clients, it said, and some of the affected organizations are Deschutes County Health Services, Best Care and La Pine Community Health Center. None of these companies were themselves breached – the breach occurred solely in TPS’s infrastructure.
The exposed data varies from person to person, but generally includes people’s names, addresses, dates of birth, social security numbers (SSN), health insurance company names, health insurance membership numbers, and provider names.
DCHS stressed that no medical diagnosis or treatment information, as well as payment data, was taken during the raid.
TriZetto Provider Solutions is a healthcare technology company and a subsidiary of Cognizant that provides healthcare organizations with revenue cycle management and claims management software and services.
Some of its clients include Denver Health and Hospital Authority, EmblemHealth, Bucksport Regional Health Center and others.
We do not know exactly how the attack happened or who the threat actors were. At the time of going to press, the data has not yet been misused in attacks, but it can be used in all kinds of fraud. For example, crooks can run highly targeted scams and phishing, pretending to be a health insurance company, tricking people into revealing more information or making payments.
They may also commit medical identity fraud by using insurance member numbers and insurance information to obtain medical services, prescription drugs, or submit false insurance claims.
According to The registerthe breach resulted in several class action lawsuits against Cognizant.
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
