Cognizant Data Breach Investigation

Data Breach

By: Jason Rathod

Graphic announcing the Cognizant data breach investigation, featuring the Migliaccio & Rathod LLP logo and a background image of IT work.

Migliaccio & Rathod LLP is investigating the Cognizant Data Breach, impacting over 3.4 million individuals and their personal information.

What Happened?

On October 2, 2025, TriZetto Provider Solutions, a healthcare technology subsidiary of Cognizant, became aware of suspicious activity within a web portal used by certain provider’s customers to access to their system. They launched an investigation and determined that an unauthorized actor had been accessing certain records related to insurance coverage beginning in November 2024. The impacted data may include:

  • Names
  • Addresses
  • Dates of Birth
  • Social Security Numbers
  • Health Insurance Information
  • Medical Information

The Cognizant Data Breach

TriZetto began notifying providers on December 9, 2025. A list of these providers can be found below. Many of these medical providers are providing their own notice letters; TriZetto has also provided certain notices as well. All of the information stolen is likely valuable and dangerous to affected victims. As is likely to be the case with the Cognizant data breach, in previous cyberattacks, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, to unauthorized credit card applications, to medical services or government services ordered in their name, to their information being posted on the dark web, to a massive uptick in the number of spam text messages, calls and emails received.

Are you concerned that you might be affected by the Cognizant data breach?

If you have concerns that you have been affected by this data breach, and/or have experienced suspicious activity since November 2024, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

    The following will ask for your contact information so that we may reach you to talk about potential claims. This information is for our records only and will not be shared. By continuing, you consent to the collection of this information for these limited purposes.


    Did you receive a notification that you were affected by the data breach?


    Would you like to join our newsletter to receive notifications about other investigations we're looking into, as well as updates on ongoing cases?

    By submitting this form, you consent to receive marketing, updates, and informative SMS messages from Migliaccio & Rathod LLP at the email and/or phone number provided. Consent is not a condition of purchase. Message & data rates may apply. Message frequency varies. Unsubscribe at any time by replying STOP or Reply HELP for help. Privacy Policy

    Affected Providers

    According to The HIPAA Journal, the affected providers include, but are not limited to, the following:

    • Adapted Integrated Healthcare
    • Asian Americans for Community Involvement
    • Axis Community Health
    • Baltimore City Health Department
    • Bay Area Community Health
    • Benton County Health
    • Best Care
    • Cascadia Health
    • CE-Edinger Medical Group
    • Chattanooga C.A.R.E.S. d/b/a Cempa Community Care
    • Coastal Skin Surgery & Dermatology
    • Colorado Allergy & Asthma Centers
    • Columbia River Health
    • Deschutes County Health Services
    • Erie Family Health Centers
    • Friends of Family Health Center
    • Gardner Health Services
    • Harmony Health Medical Clinic and Family Resource Center
    • Houston Health Department
    • Indian Health Center of Santa Clara Valley
    • Ko-Kwel Wellness Center
    • La Clinica de la Raza
    • La Pine Community Healthcare Center
    • Lifelong Medical Care
    • Lynn Community Health
    • Mendocino Community Health Clinic
    • Mission Neighborhood Health Center
    • Native American Health Center
    • OLE Health (d/b/a CommuniCare + OLE)
    • One Community Health
    • Open Door Community Health Centers
    • Pafford Medical Services (Pafford EMS)
    • Petaluma Health Center
    • Planned Parenthood Northern California
    • Share Ourselves
    • San Francisco Community Health Center
    • Riverland Community Health
    • Santa Barbara County Health Department
    • Santa Cruz Community Health
    • Santa Rosa Community Health Centers
    • Terry Reilly Health Services (Community Health Clinics Inc.)
    • Tiburcio Vasquez Health Center
    • Utah Valley Pediatrics
    • Valley Family Health Care
    • Variety Care
    • Winters Healthcare

    Data Breach FAQ

    I received a notice that my information may have been involved in a data breach. What should I do?

    Take the notification seriously and read it carefully. It should outline what specific information was affected (e.g., name, Social Security number, legal case data). Even if you believe your risk is minimal, it’s best to take proactive steps to protect yourself.

    What immediate actions should I take?

    • Monitor your financial accounts – Regularly check your bank, credit card, and online accounts for unauthorized transactions.
    • Change your passwords – Update passwords for any accounts that may be connected to the breach. Avoid reusing old or similar passwords. Use a password manager if needed.
    • Set up two-factor authentication (2FA) – Enable 2FA on your email, banking, and other sensitive accounts to add an extra layer of protection.
    • Place a fraud alert or credit freeze – Contact one of the three major credit bureaus (Equifax, Experian, TransUnion) to place a fraud alert or freeze your credit report. This makes it harder for someone to open new accounts in your name.

    What is credit monitoring, and how should I use it?

    Credit monitoring tracks your credit report for changes or suspicious activity. If the organization that was breached offers this service for free, it’s highly recommended you enroll. These services can alert you quickly to potential fraud.

    How long do I need to stay vigilant?

    The effects of a data breach can surface months or even years later. Stay alert to signs of identity theft for at least 12–24 months. Keep an eye on your credit reports, mail, and any unfamiliar account activity.

    Who can I contact if I need help?

    You can use the contact details provided in the breach notification. You can also report identity theft to the Federal Trade Commission at www.identitytheft.gov for recovery resources. We are here to be a resource to you. Fill out the contact form above to get in touch with us.

    The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches such as this. More information about our current cases and investigations is available on our blog.