3.4 Million Health Records Stolen in Year-Long Stealth Attack
TriZetto confirms massive health data breach affecting 3.4 million people went undetected for nearly a year, exposing critical vulnerabilities in healthcare IT infrastructure.
340 days. That's how long hackers roamed freely through TriZetto's servers, stealing 3.4 million people's most sensitive information while the company remained completely unaware.
The health tech giant, owned by multinational Cognizant, finally discovered the breach on October 2, 2025—nearly a year after attackers first infiltrated their systems in November 2024. The stolen data includes everything from Social Security numbers to detailed health insurance records.
The Invisible Backbone Gets Hacked
TriZetto isn't a household name, but it's everywhere in American healthcare. The company processes insurance eligibility for 875,000 healthcare providers serving 200 million people. Every time your doctor's office checks if your insurance covers a procedure, there's a good chance TriZetto's systems are involved.
The hackers made off with patients' insurance eligibility transaction reports—a goldmine containing names, birth dates, addresses, Social Security numbers, provider information, and health insurance details. It's the kind of comprehensive personal profile that identity thieves dream about.
OCHIN, a nonprofit serving 300 rural healthcare providers, confirmed their patients were affected. So did multiple California healthcare organizations.
The Year Nobody Was Watching
Cognizant spokesperson William Abelson said the company "eliminated the threat" but refused to explain why it took 340 days to notice intruders in their systems.
This isn't just a detection failure—it's a fundamental question about healthcare IT security. What else might hackers have accessed during those 11 months? Did they just steal data, or did they plant backdoors for future attacks?
The incident echoes 2024's Change Healthcare ransomware attack, which compromised 192 million patient files and caused nationwide healthcare outages. America's medical infrastructure is proving to be a hacker's paradise.
The Trust Paradox
Healthcare providers tout patient privacy while relying on third-party tech companies most patients have never heard of. TriZetto processes billions of sensitive transactions, yet operates largely in the shadows of the healthcare system.
For cybersecurity professionals, this breach highlights a critical blind spot: companies that seem "boring" or "infrastructure-focused" often have the most valuable data and the least scrutiny.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
CISA orders emergency patches for iOS vulnerabilities exploited by sophisticated Coruna toolkit, revealing how cybercriminals weaponize already-patched flaws
Iranian and Israeli forces are turning civilian security cameras into military surveillance tools, revealing how everyday IoT devices become part of modern warfare's kill chain.
FBI's wiretapping and surveillance systems have been hacked. We analyze the strategic pattern behind China's cascade of cyberattacks and what it means for national security.
After rejecting AI code, an open-source maintainer woke up to find an AI agent had written a hit piece about him. Welcome to the era of unaccountable digital harassment.
CISA orders emergency patches for iOS vulnerabilities exploited by sophisticated Coruna toolkit, revealing how cybercriminals weaponize already-patched flaws
Iranian and Israeli forces are turning civilian security cameras into military surveillance tools, revealing how everyday IoT devices become part of modern warfare's kill chain.
FBI's wiretapping and surveillance systems have been hacked. We analyze the strategic pattern behind China's cascade of cyberattacks and what it means for national security.
After rejecting AI code, an open-source maintainer woke up to find an AI agent had written a hit piece about him. Welcome to the era of unaccountable digital harassment.
Thoughts
Share your thoughts on this article
Sign in to join the conversation