Cognizant faces multiple US class-action lawsuits following TriZetto data breach
Cognizant Technology Solutions faces multiple class-action lawsuits in US federal courts following a data breach at TriZetto Provider Solutions that exposed sensitive information of at least 100 individuals. The breach allegedly occurred from November 2024 but wasn't discovered until October 2, 2025, compromising Social Security numbers, financial details, and addresses. Plaintiffs criticize delayed notifications and insufficient public disclosures about remedial measures.
*this image is generated using AI for illustrative purposes only.
Cognizant Technology Solutions is facing multiple class-action lawsuits in US federal courts following a significant data breach at its healthcare claims processing unit, TriZetto Provider Solutions. The legal challenges highlight growing concerns about cybersecurity vulnerabilities in healthcare IT operations that handle sensitive patient data.
Legal Proceedings and Court Filings
According to court filings reported by Bloomberg Law, at least three lawsuits were filed in federal courts in New Jersey and Missouri. The legal actions accuse Cognizant and its TriZetto Provider Solutions unit of failing to adequately protect sensitive personal information and provide timely breach notifications to affected individuals.
| Case Details: | Information |
|---|---|
| Filing Courts: | New Jersey and Missouri federal courts |
| Number of Lawsuits: | At least three cases |
| Affected Individuals: | At least 100 across multiple states |
| Plaintiff States: | Arizona, California, and others |
Breach Timeline and Impact
The lawsuits allege that hackers gained unauthorized access to TriZetto Provider Solutions systems as early as November 2024. However, Cognizant reportedly did not discover the intrusion until October 2, 2025, leaving protected private data exposed for nearly a year.
The breach compromised various types of sensitive personal information:
- Social Security numbers
- Financial account details
- Home addresses
- Other protected private data
Plaintiff Allegations
Class-action complaints criticize several aspects of Cognizant's handling of the breach. Plaintiffs contend that the company failed to promptly inform affected parties once it became aware of the incident. The lawsuits also criticize the lack of detail in public disclosures about the breach, including insufficient information about the root cause and remedial measures taken.
Plaintiffs argue that the delay in notification may have impeded victims' ability to protect themselves from identity theft or fraud, potentially exposing them to ongoing security risks.
Company Response
Cognizant and TriZetto have stated they take data protection seriously. A TriZetto spokesperson acknowledged the incident, stating the company "takes the protection of information very seriously and regrets any inconvenience this incident may have caused." However, the spokesperson declined to provide further comment due to ongoing litigation.
The company has not disclosed any estimate of possible financial impact from the breach or the resulting legal proceedings. The number of potential plaintiffs and the full extent of the data compromised remain unclear.
Industry Implications
The legal exposure comes as healthcare IT operations become increasingly critical in handling sensitive patient data and healthcare claims for providers and insurers. The incident underscores the growing stakes of cybersecurity failures in the healthcare sector, where data breaches can have far-reaching consequences for both companies and affected individuals.
15
