Health technology provider TriZetto has confirmed that a cyberattack on its systems led to the theft of personal and medical information belonging to more than 3.4 million people, raising fresh concerns about the security of the U.S. healthcare infrastructure.

TriZetto, owned by Cognizant, supplies software and services used by hundreds of thousands of healthcare providers to verify patients’ insurance eligibility and process claims. Its platforms touch the records of an estimated 200 million people nationwide, making it a critical, if largely invisible, backbone of the healthcare system.

According to a breach notification filed with the Maine attorney general, attackers accessed and exfiltrated insurance eligibility transaction reports stored on TriZetto’s servers. These reports typically contain a detailed snapshot of a patient’s identity and coverage at the time of a medical visit.

The compromised data includes names, dates of birth, home addresses, and Social Security numbers, along with information tied directly to healthcare: provider names, demographic details, and insurance and treatment-related data. While TriZetto has not publicly attributed the attack to a specific group, the breadth of information involved makes the trove highly valuable for identity theft, insurance fraud, and targeted scams.

TriZetto said it discovered the breach on October 2, 2025, but subsequent investigation revealed that the intruders had maintained access since November 2024. The nearly year-long dwell time underscores how quietly sophisticated attackers can operate inside complex healthcare networks before being detected.

A spokesperson for Cognizant did not respond to questions about how the intrusion went unnoticed for so long or what specific security failures allowed it. The company has said that not all customers were affected, but has not disclosed a full list of impacted organizations.

Several healthcare entities have begun notifying patients that their data was swept up in the incident. Among them is OCHIN, a nonprofit that provides health IT services to roughly 300 community and rural clinics across the country, as well as multiple providers in California and other states.

The TriZetto breach follows a series of major cyber incidents in the health sector, including the Change Healthcare ransomware attack that disrupted pharmacies and hospitals nationwide and exposed tens of millions of patient records. Together, these incidents highlight how deeply patient care now depends on a fragmented network of third-party technology vendors, and how vulnerable that network remains to determined attackers.