Health tech giant TriZetto has confirmed that more than 3.4 million people’s personal and health information was stolen in a 2024 cyberattack, which the company failed to detect for almost a year.

The tech company, owned by multinational conglomerate Cognizant, serves around 200 million people across 875,000 healthcare providers throughout the U.S., according to its website. Doctors’ offices and healthcare providers use TriZetto to assess patients’ insurance for medical treatments.

TriZetto said in a filing with Maine’s attorney general on Friday that hackers stole patients’ insurance eligibility transaction reports from the company’s servers.

The data includes personal information like patients’ names, dates of birth, home addresses, and Social Security numbers, as well as information about their healthcare, such as their provider’s name, demographic data, and health and insurance details.

TriZetto said it identified the breach on October 2, 2025, but later discovered that the hackers had access as far back as November 2024. 

A spokesperson for Cognizant did not immediately respond to a request for comment, including why it took the company a year to detect the breach.

Several organizations have confirmed that their patients’ information was compromised in the cyberattack. One of these is OCHIN, a nonprofit consultancy firm that provides healthcare technology to some 300 rural and community care providers across the United States. Other healthcare providers across California have also confirmed.

According to TriZetto, not every customer was affected by the breach.

TriZetto is the latest major health tech company to confirm a hack in recent years. 

In 2024, a ransomware attack at Change Healthcare, another health tech giant that processes some 15 billion healthcare transactions, allowed hackers to make off with more than 192 million patient files. The cyberattack sparked outages across the U.S., leaving many without access to medical treatments or medications.