News

Healthcare cyberattack hits TriZetto, affecting 3.4 million people

The hack raises new questions about how long attackers can remain inside critical healthcare systems before anyone notices. Here’s what happened and why it matters.

Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. For simple, realistic ways to spot scams early and stay protected, Visit CyberGuy.com – Trusted by millions who watch CyberGuy on TV daily. In addition, you will get instant access to my The ultimate scam survival guide Free when you join.

Insurance company verified behind the breach

TriZetto may not be a household name, but its technology plays a key role in everyday healthcare transactions. The company is owned by multinational technology company Cognizant and provides tools that healthcare providers use to verify insurance eligibility and process coverage checks prior to treatment. When a doctor’s office confirms whether your insurance will cover a visit or procedure, that request often goes through systems like TriZetto.

$163,000 in fake medical billing fees; AI reveals to you

The doctor uses a tablet.

A major healthcare cyberattack exposed personal and medical information linked to more than 3.4 million people after hackers breached TriZetto, an insurance verification company owned by Cognizant. (Spanish Images/Getty)

According to the company, its services help support healthcare-related operations for approximately 200 million people through more than 875,000 providers across the United States. This scale also makes the company an attractive target for cybercriminals.

What hackers stole in the TriZetto data breach

TriZetto said hackers accessed it Insurance eligibility Transaction reports stored on its servers. These reports can contain a surprising amount of personal and health information.

Stolen data may include:

  • Names
  • Dates of birth
  • Home addresses
  • Social Security numbers
  • Insurance information
  • Names of health care providers
  • Demographic data linked to medical records

The company said that not all customers were affected by the breach. However, several healthcare organizations have confirmed this Patient information has been compromised. One is OCHIN, a nonprofit healthcare technology group that supports about 300 rural and community care providers across the United States. Some California health care providers also reported that their patients’ data had been exposed.

The hackers had access for several months before being discovered

One of the most troubling details is how long the attackers were inside the company’s systems. TriZetto said it discovered the hack on October 2, 2025. Subsequent investigations revealed that hackers may have had access to the site as early as November 2024.

This means that the attackers could have remained inside the network for approximately a year. Cognizant spokesman William Abelson said the company removed the threat from its systems after identifying the breach. However, the company did not explain why the hack went undetected for so long.

For cybersecurity experts, this kind of delay is a serious concern. The longer The attackers remain hidden Within the network, the more data they can collect.

Health care violations continue to grow

This incident fits into a troubling trend across the health care industry. Medical organizations store highly sensitive information that includes identity details, insurance records, and personal health data. This combination makes healthcare systems particularly valuable targets for cybercriminals.

A prime example occurred in 2024 when ransomware attackers Targeted healthcare change. The company processes billions of healthcare transactions every year. Hackers stole more than 192 million patient records in this attack. The hack also caused widespread outages that disrupted prescriptions, billing, and access to medical services across the United States. Events like this show how attacks on health technology companies can impact patients, hospitals and pharmacies across the country.

Cyberattacks on hospitals threaten patient safety

Two patients sitting in hospital gowns.

The TriZetto breach exposed names, dates of birth, Social Security numbers, insurance details and other health-related data, impacting millions across the US healthcare system. (John Moore/Getty Images)

Why does healthcare data attract cybercriminals?

Medical data is often sold for more than just stolen credit card numbers. A single patient record can include identification information, insurance details, and personal medical history. Criminals can use this data for identity theft, insurance fraud, and targeted phishing scams.

In some cases, attackers also submit fraudulent medical claims using stolen patient information. This makes health technology companies an increasingly common target of cyberattacks.

Ways to stay safe after a healthcare data breach

Most patients have little control over how healthcare technology companies protect their data. However, there are steps you can take to reduce the risk of identity theft after a breach.

1) Review your EOBs and Medicare statements carefully

If you have Health insurance or medical care, Pay close attention to Explanation of Benefits (EOB) statements after doctor visits or procedures. These documents show what has been billed in your name, even if you don’t owe anything. Look for services you didn’t receive, unfamiliar providers, or duplicate charges. If something seems abnormal, report it to your insurance company or Medicare immediately. In some cases, fraud can result in changes being made to your account, including the issuance of a new Medicare number.

2) Monitor your medical and financial records

Review your insurance statements and medical bills carefully. Look for unusual charges or services that you never received. Also check your bank and credit card statements for any suspicious activity.

3) Freeze your credit

A credit freeze prevents criminals from opening new accounts using your Social Security number. This process is free and available through the major credit bureaus. You can temporarily lift the freeze at any time if you need to apply for credit.

The Covenant health data breach affects approximately 500,000 patients

A stethoscope lies next to a laptop.

The hackers may have been inside the TriZetto network for months before the breach was discovered, raising new concerns about hidden threats within critical healthcare systems. (Fanvin Kiwanarat/Getty Images)

4) Check your credit reports

Visit AnnualCreditReport.com to review your credit reports from the three major bureaus. Find accounts, loans or inquiries you don’t recognize. Early detection can prevent bigger problems later.

5) Watch out for phishing messages

Cybercriminals often track major breaches through phishing emails or text messages. These messages may pretend to be coming from healthcare providers or insurance companies. Always check suspicious messages before clicking links or sharing information. Installing powerful antivirus software on your devices can also help block malicious links, detect suspicious downloads, and warn you about dangerous websites. Get my picks for the best antivirus protection winners of 2026 for Windows, Mac, Android, and iOS at Cyberguy.com.

6) Use a data removal service

Many breaches expose personal details that data brokers collect and sell online. The data removal service can scan the broker’s databases and request the removal of your personal information. This reduces the chances of scammers finding your contact details and targeting you for fraud.

Check out my top picks for data removal services and get a free check to see if your personal information really exists on the web by visiting Cyberguy.com.

Get a free check to see if your personal information is already on the web: Cyberguy.com.

7) Consider identity monitoring

Identity protection services can alert you if your personal information appears in Suspicious transactions Or in confidential data markets. Early alerts can help you act quickly if someone tries to misuse your data. See my tips and top picks for the best identity theft protection at Cyberguy.com.

Key takeaways for Kurt

The TriZetto breach highlights the amount of personal health data that flows through tech companies and that most patients never see. When one of these systems is compromised, millions of people can be affected simultaneously. Healthcare providers, insurers, and technology vendors must strengthen cybersecurity protections as attacks on medical data continue to increase.

Here’s something worth thinking about. How many companies currently hold your health data that you’ve never heard of? Let us know by writing to us at Cyberguy.com.

Click here to download the FOX NEWS app

Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. For simple, realistic ways to spot scams early and stay protected, Visit CyberGuy.com – Trusted by millions who watch CyberGuy on TV daily. In addition, you will get instant access to my The ultimate scam survival guide Free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Curt “CyberGuy” Knutson is an award-winning technology journalist with a deep love for technology, equipment and gadgets that make life better through his contributions to Fox News and FOX Business morning starters on “FOX & Friends.” Do you have a technical question? Get Kurt’s free CyberGuy newsletter, share your voice, a story idea or comment on CyberGuy.com.

Related Posts

Post Comment

You May Have Missed