- TriZetto confirmed a data breach affecting 3.4 million individuals
- Attackers accessed systems from November 2024 until October 2025
- Stolen data includes SSN, birth dates, and insurance information
- Company is offering identity monitoring services to affected users
A major cybersecurity incident has hit healthcare technology provider TriZetto, exposing sensitive personal information belonging to more than 3.4 million individuals. The company confirmed the breach in a filing with the Office of the Maine Attorney General, revealing that unauthorized access to its systems may have lasted for nearly a year before being discovered.
TriZetto said it detected suspicious activity on October 2, 2025, within a web portal used by healthcare providers to access its services. A subsequent investigation revealed that an unidentified threat actor had gained access as early as November 2024. During that time, attackers quietly extracted sensitive patient and insurance data from the system.
The breach highlights once again how healthcare organizations remain prime targets for cybercriminals due to the highly sensitive information they manage.
Attackers Had Access for Nearly a Year
According to the company’s investigation, the attacker maintained access to TriZetto’s systems for approximately eleven months before the suspicious activity was identified. During that period, the threat actor was able to collect a significant amount of patient related information stored within the platform.
TriZetto is a healthcare technology provider that builds digital systems used by hospitals, health insurers, and medical providers. These platforms often handle administrative workflows such as insurance verification, billing, and claims processing, which means they contain large volumes of personal and health related data.
The compromised information reportedly includes patient names, dates of birth, Social Security numbers, health insurance member identification numbers, insurance provider details, and demographic information. In some cases, the data may also include primary insured information connected to healthcare coverage.
Despite the scale of the breach, the company stated that financial payment information was not affected. According to TriZetto, the attackers did not access payment card numbers, bank account information, or other financial transaction details stored within the system.
However, cybersecurity experts often warn that even non financial personal data can be extremely valuable to attackers, particularly when it includes government identification numbers and medical insurance records.
Healthcare Data Remains a Prime Target
Healthcare systems continue to attract cybercriminals because medical data offers long term value on underground marketplaces. Unlike stolen credit card numbers, which can quickly be canceled or replaced, personal and medical records can be exploited for years.
Information such as Social Security numbers, insurance details, and health records can be used for identity theft, fraudulent medical claims, insurance scams, or even targeted phishing campaigns.
TriZetto acknowledged that the breach affected exactly 3,433,965 individuals. The company said that, at the moment, it has not identified any confirmed cases of fraud or identity theft linked directly to the incident.
Still, security analysts often note that stolen data can remain hidden on dark web marketplaces for extended periods before being used. In some cases, information taken during a breach may surface years later as part of broader identity theft operations.
Response and Support for Affected Individuals
Following the discovery of the incident, TriZetto launched an internal investigation and began notifying affected individuals about the breach. The company is also providing complimentary identity theft monitoring services through cybersecurity firm Kroll.
These services typically include credit monitoring, identity theft alerts, and assistance for individuals who may become victims of fraud in the future.
Several healthcare organizations have already confirmed that patient data linked to their services was impacted by the breach. Among them is OCHIN, a nonprofit organization that provides healthcare technology solutions to community clinics and rural healthcare providers across the United States.
Incidents like this underline the growing cybersecurity risks faced by the healthcare sector. Hospitals, insurance providers, and healthcare technology vendors manage enormous volumes of sensitive patient data, making them highly attractive targets for cybercriminal groups seeking valuable personal information.
While TriZetto continues working with affected partners and investigators, the breach serves as another reminder that securing healthcare data remains one of the most critical challenges in the cybersecurity landscape.
Follow TechBSB For More Updates
