TriZetto confirms 3.4M people’s health and personal data was stolen duringbreach

TriZetto confirmed a 2024 cyberattack compromised the personal and health data of over 3.4 million individuals, affecting various healthcare providers. The breach remained undetected for nearly a year, with sensitive information such as names, Social Security numbers, and health details stolen. Despite claims of eliminating the threat, the delay in detection raises concerns about cybersecurity in healthcare.

Key Points

• TriZetto reported that 3.4M people's data was stolen in a cyberattack detected on October 2, 2025, but access began in November 2024.
• The stolen data includes personal and healthcare-related information, like names, Social Security numbers, and insurance details.
• TriZetto serves about 200 million patients through 875,000 healthcare providers, crucial for assessing insurance for medical treatments.
• Following the breach, organizations including OCHIN confirmed their patients' data was compromised.
• Cognizant, the parent company, stated they eliminated the threat but did not clarify why detection took so long.

Relevance

• This breach is part of a trend of increasing cyberattacks on healthcare companies, with Change Healthcare experiencing a ransomware attack in 2024, affecting 192 million files.
• The incident highlights ongoing challenges in healthcare cybersecurity, emphasizing the need for improved detection and response measures.
• With the rise of telehealth and remote patient management, data breaches in healthcare have become more alarming, impacting trust in tech solutions.

The TriZetto data breach underscores the pressing need for enhanced cybersecurity protections in healthcare, as increasing digitalization leaves sensitive information vulnerable to attacks.