Health tech breach exposes 3.4M patient records
News

Health tech breach exposes 3.4M patient records

Jimmie Dempsey
Jimmie Dempsey

NEWYou can now listen to Fox News articles!

Another major healthcare cyberattack has surfaced, and it involves a company most patients have never heard of. A health technology company that helps doctors verify insurance coverage has confirmed hackers stole personal and medical information belonging to more than 3.4 million people. The company, TriZetto, operates behind the scenes in the U.S. healthcare system, helping providers check patient insurance before treatments.

The breach raises new questions about how long attackers can remain inside critical healthcare systems before anyone notices. Here is what happened and why it matters.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com –  trusted by millions who watch CyberGuy on TV daily. Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

The insurance verification company behind the breach

TriZetto may not be a household name, but its technology plays a major role in everyday healthcare transactions. The company is owned by the multinational technology firm Cognizant and provides tools that healthcare providers use to verify insurance eligibility and process coverage checks before treatment. When a doctor’s office confirms whether your insurance will cover a visit or procedure, that request often travels through systems like TriZetto.

$163K IN FAKE MEDICAL BILL CHARGES; AI UNCOVERS IT FOR YOU
 

According to the company, its services help support healthcare operations tied to about 200 million people through more than 875,000 providers across the United States. That scale also makes the company an attractive target for cybercriminals.

What hackers stole in the TriZetto data breach

TriZetto said hackers accessed insurance eligibility transaction reports stored on its servers. Those reports can contain a surprising amount of personal and health information.

The stolen data may include:

  • Names
  • Dates of birth
  • Home addresses
  • Social Security numbers
  • Insurance information
  • Healthcare provider names
  • Demographic data connected to medical records

The company said not every customer was affected by the breach. However, several healthcare organizations have confirmed that patient information was compromised. One of them is OCHIN, a nonprofit healthcare technology group that supports about 300 rural and community care providers across the United States. Some healthcare providers in California have also reported that their patient data was exposed.

Hackers had access for months before discovery

One of the most concerning details is how long the attackers may have been inside the company’s systems. TriZetto said it discovered the breach on October 2, 2025. Later investigation revealed that hackers may have gained access as far back as November 2024.

That means attackers could have remained inside the network for nearly a year. Cognizant spokesperson William Abelson said the company removed the threat from its systems after identifying the breach. However, the company has not explained why the intrusion went undetected for so long.

For cybersecurity experts, this type of delay is a serious concern. The longer attackers stay hidden inside a network, the more data they can collect.

Healthcare breaches continue to grow

This incident fits into a troubling trend across the healthcare industry. Medical organizations store highly sensitive information that includes identity details, insurance records and personal health data. That combination makes healthcare systems especially valuable targets for cybercriminals.

A major example occurred in 2024 when ransomware attackers targeted Change Healthcare. The company processes billions of healthcare transactions each year. Hackers stole more than 192 million patient records in that attack. The breach also caused widespread outages that disrupted prescriptions, billing and access to medical services across the United States. Events like these show how attacks on health technology companies can affect patients, hospitals and pharmacies across the country.

HOSPITAL CYBERATTACKS THREATEN PATIENT SAFETY
 

Two patients sit in hospital gowns.

Why healthcare data attracts cybercriminals

Medical data often sells for more than stolen credit card numbers. A single patient record can include identity information, insurance details and personal medical history. Criminals can use that data for identity theft, insurance fraud and targeted phishing scams.

In some cases, attackers also file fraudulent medical claims using stolen patient information. That makes health technology companies an increasingly common target for cyberattacks.

Ways to stay safe after a healthcare data breach

Most patients have little control over how healthcare technology companies protect their data. Still, there are steps you can take to reduce the risk of identity theft after a breach.

1) Review your EOBs and Medicare statements carefully

If you have health insurance or Medicare, pay close attention to Explanation of Benefits (EOB) statements after doctor visits or procedures. These documents show what was billed in your name, even if you do not owe anything. Look for services you did not receive, unfamiliar providers or duplicate charges. If something looks off, report it to your insurer or Medicare immediately. In some cases, fraud can trigger changes to your account, including issuing a new Medicare number.

2) Monitor your medical and financial records

Review insurance statements and medical bills carefully. Look for unfamiliar charges or services you never received. Also, check your bank and credit card statements for suspicious activity.

3) Freeze your credit

A credit freeze prevents criminals from opening new accounts using your Social Security number. The process is free and available through the major credit bureaus. You can temporarily lift the freeze anytime if you need to apply for credit.

COVENANT HEALTH DATA BREACH AFFECTS NEARLY 500,000 PATIENTS
 

A stethoscope sits next to a laptop.

4) Check your credit reports

Visit AnnualCreditReport.com to review your credit reports from the three major bureaus. Look for accounts, loans or inquiries you do not recognize. Early detection can prevent larger problems later.

5) Watch for phishing scams

Cybercriminals often follow large breaches with phishing emails or text messages. These messages may pretend to come from healthcare providers or insurers. Always verify suspicious messages before clicking links or sharing information. Installing strong antivirus software on your devices can also help block malicious links, detect suspicious downloads and warn you about dangerous websites. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

6) Use a data removal service

Many breaches expose personal details that data brokers collect and sell online. A data removal service can scan broker databases and request the removal of your personal information. This reduces the chances that scammers find your contact details and target you with fraud. 

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

7) Consider identity monitoring

Identity protection services can alert you if your personal information appears in suspicious transactions or on underground data marketplaces. Early alerts can help you act quickly if someone tries to misuse your data. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com

Kurt’s key takeaways

The TriZetto breach highlights how much personal health data flows through technology companies that most patients never see. When one of those systems is compromised, millions of people can be affected at once. Healthcare providers, insurers and technology vendors must strengthen cybersecurity protections as attacks on medical data continue to rise.

Here is something worth thinking about. How many companies currently hold your health data that you have never even heard of? Let us know by writing to us at Cyberguy.com

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com –  trusted by millions who watch CyberGuy on TV daily. Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com.  All rights reserved.

Read the full article here

You Might Also Like

Where addicts in Philadelphia bow to tranq, I saw why God hasn’t given up on America yet

DOGE says agencies cut $1.6B in federal contracts, flags spending on Somalia, HHS web services

Strategy session: Trump’s team huddles on midterm messaging with spotlight on economy

Ilhan Omar claims ICE pulled over her son during ‘racial profiling’ sweep amid Trump’s crackdown in Minnesota

Teacher pleads guilty to sexually abusing 15-year-old student weeks after giving birth: report

Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

We Recommend