Cyber Incident Victim: TriZetto Provider Solutions

On October 2, 2025, TriZetto Provider Solutions detected suspicious activity in a web portal used by some of its healthcare provider customers. The breach was later disclosed by the Office of the Maine Attorney General, which reported that over 3.4 million individuals were affected. TriZetto Provider Solutions is a subsidiary of Cognizant Technology Solutions and provides claims management, billing services and related software for hospitals, physician practices and insurers. The firm's platform is marketed as being certified to SOC 2, EHNAC and HITRUST standards.

TriZetto confirmed that no payment card, bank account or other financial details were accessed during the incident. However, the notification indicated that names, addresses, dates of birth, Social Security numbers, health insurance member numbers (including Medicare identifiers), provider names, health insurer names, primary insured information and other demographic, health and health insurance information may have been compromised. The company stated that investigations were conducted with law enforcement and security partners and that additional security protocols have been implemented. TriZetto is providing credit monitoring services to the individuals whose data may have been exposed.

Cognizant, the parent company, experienced a ransomware attack by the Maze group in April 2020 that resulted in estimated costs of $50‑70 million. In 2023, a cyber attack affecting Cognizant led to a lawsuit filed by Clorox, which alleged that a helpdesk employee reset a password without following security procedures, enabling threat actor access to the network. The Clorox lawsuit claimed the incident caused $49 million in damages.