Healthcare cyberattack hits TriZetto, 3.4 million affected
NEWYou can now listen to Fox News articles!
Another major cyber attack on healthcare has emerged, and it involves a company most patients have never heard of. A health technology company that helps doctors verify insurance coverage has confirmed that hackers stole personal and medical information from more than 3.4 million people. The company TriZetto operates behind the scenes in the US healthcare system, helping providers check patient insurance before treatments.
This breach raises new questions about how long attackers can stay in critical healthcare systems without anyone noticing. Here’s what it is and why it’s important.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent safety alerts and special deals straight to your inbox. For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions of people who watch CyberGuy on TV every day. Additionally, you will have instant access to my information. The Ultimate Scam Survival Guide It’s free when you join.
Insurance verification company behind the breach
TriZetto may not be a household name, but its technology plays an important role in daily healthcare operations. The company is owned by multinational technology firm Cognizant and provides tools that healthcare providers use to verify insurance eligibility and process coverage checks before treatment. When a doctor’s office confirms whether your insurance covers a visit or procedure, that claim is typically submitted through systems like TriZetto.
163 THOUSAND DOLLARS FAKE SICKNESS INVOICE FEE; AI REVEALS THIS FOR YOU
A massive healthcare cyberattack exposed personal and medical information tied to more than 3.4 million people after hackers breached TriZetto, an insurance verification company owned by Cognizant. (Hispanolist/Getty Images)
According to the company, its services help support healthcare operations for nearly 200 million people through more than 875,000 providers across the United States. This scale also makes the company an attractive target for cybercriminals.
What did hackers steal in the TriZetto data breach?
TriZetto says hackers accessed insurance eligibility Transaction reports stored on servers. These reports can contain a surprising amount of personal and health information.
Stolen data may include:
- nouns
- birth dates
- home addresses
- Social Security numbers
- Insurance information
- Healthcare provider names
- Demographic data linked to medical records
The company said not every customer was affected by the breach. However, many healthcare organizations confirmed that patient information was compromised. One of them is OCHIN, a nonprofit health technology group that supports nearly 300 rural and community care providers in the United States. Some healthcare providers in California also reported patient data was exposed.
Hackers had access months before discovery
One of the details that raises the most concern is how long attackers may have remained in the company’s systems. TriZetto said it discovered the breach on October 2, 2025. Later investigations revealed that hackers could have access until November 2024.
This means attackers could remain inside the network for about a year. Cognizant spokesman William Abelson said the company removed the threat from its systems after detecting the breach. However, the company did not explain why the intrusion went undetected for so long.
For cybersecurity experts, this type of delay is a serious concern. The longer attackers remain hidden within a network, the more data they can collect.
Violations in health continue to increase
This incident fits with a disturbing trend in the healthcare industry. Medical organizations store highly sensitive information including identification information, insurance records, and personal health data. This combination makes healthcare systems particularly valuable targets for cybercriminals.
A notable example of this occurred in 2024 when ransomware attackers targeted Change Healthcare. The company processes billions of healthcare transactions each year. Hackers stole more than 192 million patient records in this attack. The breach also caused widespread outages across the United States, disrupting prescriptions, billing, and access to medical services. Incidents like these illustrate how attacks on health technology companies can impact patients, hospitals and pharmacies across the country.
HOSPITAL CYBER ATTACKS THREATEN PATIENT SAFETY
The TriZetto breach exposed names, dates of birth, Social Security numbers, insurance details and other health-related data, affecting millions in the US healthcare system. (John Moore/Getty Images)
Why is health data of interest to cybercriminals?
Medical data often sells for more than stolen credit card numbers. A single patient record may include identification information, insurance details and personal medical history. Criminals can use this data for identity theft, insurance fraud and spear phishing scams.
In some cases, attackers can also make fraudulent medical claims using stolen patient information. This makes health technology companies an increasingly common target for cyber attacks.
Ways to stay safe after a healthcare data breach
Most patients have little control over how health technology companies protect their data. However, there are steps you can take to reduce the risk of identity theft after a breach.
1) Carefully review your EOBs and Medicare statements
if there is health insurance or Medicare, Pay close attention to Explanation of Benefits (EOB) statements after doctor visits or procedures. These documents show the invoice issued in your name, even if you have no debt. Look for services you didn’t receive, providers you don’t recognize, or duplicate fees. If there is a problem, report it to your insurer or Medicare immediately. In some cases, fraud may trigger changes to your account, including the issuance of a new Medicare number.
2) Monitor your medical and financial records
Carefully review insurance statements and medical bills. Look for unusual fees or services you’ve never received. Also check your bank and credit card statements for suspicious activity.
3) Freeze your credit
A credit freeze prevents criminals from opening new accounts using your Social Security number. The process is free and available through major credit bureaus. If you need to apply for credit, you can temporarily lift the freeze at any time.
CONTRACT HEALTH DATA BREACH AFFECTS APPROXIMATELY 500,000 PATIENTS
The fact that hackers remained on TriZetto’s network for months before the breach was discovered may have raised new concerns about hidden threats within critical healthcare systems. (Phanphen Kaewwannarat/Getty Images)
4) Check your credit reports
To review credit reports from the three major bureaus, visit AnnualCreditReport.com. Search for accounts, loans or inquiries you don’t recognize. Early diagnosis can prevent bigger problems in the future.
5) Beware of phishing scams
Cybercriminals often follow major breaches with phishing emails or text messages. These messages may appear to be from healthcare providers or insurance companies. Always verify suspicious messages before clicking on links or sharing information. Installing strong antivirus software on your devices can also help block malicious links, detect suspicious downloads, and warn you about dangerous websites. Get my picks for the 2026 winners for the best antivirus protection for your Windows, Mac, Android, and iOS devices at: cyberguy.com.
6) Use a data removal service
Many breaches expose personal details that data brokers collect and sell online. A data removal service may scan intermediary databases and request removal of your personal information. This reduces the chance of scammers finding your contact information and targeting you with fraud.
Check out my top picks for data removal services and run a free scan to see if your personal information is already on the internet by visiting: cyberguy.com.
Take advantage of free scanning to find out if your personal information is already on the internet: cyberguy.com.
7) Consider ID tracking
Identity protection services can alert you if your personal information appears in suspicious transactions or underground data markets. Early warnings can help you act quickly if someone tries to misuse your data. See my tips and top picks for Best Identity Theft Protection at: cyberguy.com.
Kurt’s important takeaways
The TriZetto breach reveals how much personal health data most patients never see flows through tech companies. If one of these systems is compromised, millions of people can be affected simultaneously. As attacks on medical data continue to increase, healthcare providers, insurers and technology vendors must strengthen their cybersecurity protections.
There’s something worth thinking about here. How many companies currently hold your health data that you’ve never even heard of? Let us know by writing to us. cyberguy.com.
CLICK TO DOWNLOAD FOX NEWS APPLICATION
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent safety alerts and special deals straight to your inbox. For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions of people who watch CyberGuy on TV every day. Additionally, you will have instant access to my information. The Ultimate Scam Survival Guide It’s free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
