TPS A.I CyberSecurity Scoring
TPS
Company Information
Website:http://www.trizettoprovider.com
Employees number:326
Number of followers:9,031
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:trizettoprovider.com
TPS Risk Score (AI oriented)
Between 0 and 549
TPSIT Services and IT Consulting
Updated:
25/05/2026
25/05/2026
336/1000
Critical
C
TPS Global Score (TPRM)
xxxx
TPSIT Services and IT Consulting
Score locked

TPSCritical
Current Score
336C (CRITICAL)
01000
7 incidents
-81 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
345
JUNE 2026
342
MAY 2026
399
Breach
20 May 2026 • TPS
TriZetto Provider Solutions and The Oncology Institute: Oncology Institute Discloses Data Breach
Cybersecurity Incident at The Oncology Institute Exposing Patient Data
335
CRITICAL-64
ONCTRI1779733617
Cybersecurity Incident at The Oncology Institute Confirmed to Expose Patient Data
The Oncology Institute (TOI), a leading oncology provider operating over 100 clinics across five states since 2007, has confirmed that a previously disclosed cybersecurity incident resulted in unauthorized access to patient information. The breach originated from a third-party software vendor, first reported to the SEC in November 2025, though the extent of the impact remained unclear at the time.
On May 20, 2026, Kroll, the vendor’s third-party administrator, notified TOI that the vendor had detected unauthorized access to TOI’s systems, including patient data. TOI stated in an SEC filing that the incident likely affected multiple healthcare providers, with the vendor establishing a patient portal for inquiries and disclosures.
While TOI has not named the vendor, the breach’s scope and timeline suggest TriZetto Provider Solutions a Cognizant-owned healthcare technology company as the likely source. TriZetto, which Kroll also represents, reported a separate breach earlier this year impacting 3.4 million individuals across its customer base.
No ransomware group has claimed responsibility for the attack, and the identity of the threat actors remains unknown. TOI has not provided further details on the number of affected patients or the specific data compromised. The incident adds to a growing trend of healthcare breaches, with recent disclosures affecting hundreds of thousands of individuals at other providers.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
395
MARCH 2026
384
FEBRUARY 2026
441
Breach
09 Feb 2026 • TPS
TriZetto Provider Solutions, OCHIN and Terry Reilly Health Services: Terry Reilly Health Services alerts patients to data security breach
TRHS Data Breach Exposes Patient Information via Third-Party Vendor
376
CRITICAL-65
TRIOCHTER1770659813
TRHS Data Breach Exposes Patient Information via Third-Party Vendor
Terry Reilly Health Services (TRHS) has begun notifying patients of a data security incident that may have compromised personal and health-related information. The breach, discovered through TriZetto Provider Solutions (TPS) a third-party vendor for OCHIN, TRHS’s electronic medical record provider prompted immediate action from cybersecurity experts and law enforcement.
TPS contained and neutralized the threat while implementing enhanced security measures to prevent future incidents. Exposed data may include names, addresses, dates of birth, Social Security numbers, health coverage member numbers, insurer details, provider names, and other demographic and health information. Financial data, such as payment cards and bank accounts, was not affected.
Affected individuals will receive notification letters by mail within the next week, along with instructions for enrolling in complimentary identity and credit monitoring services provided by Kroll. Patients will need a unique code from the letter to access the service. TRHS has not disclosed the number of impacted individuals or the exact timeline of the breach.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
436
DECEMBER 2025
495
Breach
15 Dec 2025 • TPS
TriZetto Provider Solutions and BACH: Bay Area Community Health Data Breach Investigation
BACH Data Breach Involving TriZetto Provider Solutions
430
CRITICAL-65
TRIBAC1768252046
BACH Reports Data Breach Affecting Sensitive Patient Information via Third-Party Vendor
BACH, a healthcare provider, recently disclosed a data breach involving the potential exposure of sensitive personal and health information. The incident stemmed from a security compromise at TriZetto Provider Solutions (TPS), a third-party insurance clearinghouse integrated with BACH’s electronic medical record system (OCHIN).
On October 2, 2025, TPS detected suspicious activity on a web portal used by its healthcare provider customers. Following an investigation, TPS confirmed to BACH that an unauthorized third party may have accessed data tied to BACH between November 2024 and October 2, 2025. BACH was formally notified of the breach on December 15, 2025.
The compromised data varies by individual but may include:
- Full names
- Social Security numbers
- Dates of birth
- Contact details
- Health and insurance-related information
In response, BACH published a breach notice on its website, detailing the incident and offering affected individuals complimentary credit monitoring services. The notice includes a breakdown of the exposed data types for impacted parties. The breach highlights the risks of third-party vendor vulnerabilities in healthcare data security.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
493
OCTOBER 2025
613
Breach
02 Oct 2025 • TPS
TriZetto Provider Solutions Notifies Healthcare Provider Clients About Data Breach
TriZetto Provider Solutions Data Breach
483
CRITICAL-130
TRI1765483872
TriZetto Provider Solutions Discloses Year-Long Data Breach Affecting Healthcare Clients
TriZetto Provider Solutions, a Cognizant-owned revenue management services provider for healthcare organizations, has begun notifying healthcare clients about a cybersecurity incident involving unauthorized access to a web portal used by providers. The breach was first detected on October 2, 2025, when suspicious activity prompted immediate containment efforts. Cybersecurity firm Mandiant was engaged to investigate, confirming the threat actor had been removed from the system, with no further unauthorized access detected since the discovery.
Forensic analysis revealed the breach had been ongoing since November 2024, nearly a year before detection. The attacker accessed historical eligibility transaction reports containing protected health information (PHI) of patients from affected healthcare clients. Exposed data includes names, addresses, dates of birth, Social Security numbers, health insurance member numbers (including Medicare beneficiary IDs), insurer details, and other demographic and health-related information—though no financial data was compromised.
TriZetto completed its review of the compromised data by late November 2025, identifying the affected individuals and notifying impacted healthcare clients. Under the HIPAA Breach Notification Rule, affected providers must notify individuals within 60 days of being informed, meaning patient notifications are expected by early 2026. TriZetto has offered to manage breach notifications, regulatory filings (including to the HHS’ Office for Civil Rights), and media disclosures on behalf of its clients, as well as cover costs for credit monitoring, fraud consultation, and identity theft restoration services.
The full scope of the breach remains unclear, but given the 11-month window of unauthorized access, the incident could affect a significant number of patients. Updates are expected as further details emerge.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Breach
02 Oct 2025 • TPS
OCHIN, TriZetto Provider Solutions and SFCHC: San Francisco Community Health Center Data Breach Investigation
SFCHC Data Breach Involving TriZetto Provider Solutions
483
CRITICAL-130
OCHTRISAN1768259195
SFCHC Reports Data Breach Affecting Patient Information via Third-Party Vendor
San Francisco Community Health Center (SFCHC) disclosed a data breach involving sensitive patient information, stemming from a security incident at one of its business associates. On December 12, 2025, SFCHC was alerted by OCHIN a vendor managing its electronic health record system that TriZetto Provider Solutions (TriZetto), a subcontractor handling healthcare eligibility and claims, had experienced unauthorized access to its systems.
TriZetto’s investigation confirmed that an unauthorized third party may have accessed patient data linked to SFCHC between November 2024 and October 2, 2025. The exposed information varies by individual but includes names, Social Security numbers, addresses, dates of birth, and health insurance details such as member numbers, insurer names, and provider information.
SFCHC has since reviewed the impacted data to identify affected individuals and began mailing breach notification letters. In compliance with California regulations, the notices outline the specific types of compromised information and offer complimentary credit monitoring services to those affected. The breach report filed with the California Attorney General’s office provides further details.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
613
AUGUST 2025
610
NOVEMBER 2024
676
Breach
01 Nov 2024 • TPS
TriZetto Provider Solutions: Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
Massive U.S. Healthcare Data Breach Exposes Millions in Sensitive Information
659
CRITICAL-17
TRI1772047212
Massive U.S. Healthcare Data Breach Exposes Millions in Sensitive Information
A 2024 data breach at TriZetto Provider Solutions, a healthcare technology company handling over four billion insurance transactions annually, has exposed the sensitive information of 3.4 million people across the U.S. The breach, which began in November 2024, was discovered in October after a hacker accessed historical eligibility reports through a web portal.
Impact and Scope
Initially, Oregon county governments reported that 700,000 residents had data leaked, including Social Security numbers, addresses, and health insurance details. This week, TriZetto updated the figure to 3,433,965 affected individuals, filing breach notifications in New Hampshire, California, South Carolina, Massachusetts, Vermont, and Texas. Only Texas (171,158 victims) and South Carolina (3,562 victims) reported specific numbers. Private medical providers in Oklahoma and other states also confirmed exposure.
Investigation and Response
TriZetto hired Mandiant (Google’s incident response firm) to investigate and contacted law enforcement after discovering the breach. The company began notifying customers in December, with some clients requesting TriZetto file breach reports on their behalf with the U.S. Department of Health and Human Services’ Office for Civil Rights and state agencies. Affected individuals are being offered one year of credit monitoring services.
Company Background
TriZetto, a subsidiary of IT giant Cognizant, provides insurance-eligibility verification software to public and private healthcare providers. Neither company has publicly commented on the breach or confirmed the total number of victims. This incident follows a 2023 lawsuit against Cognizant by Clorox, alleging its help desk was responsible for a cyberattack costing hundreds of millions.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2024
753
Breach
01 Jan 2024 • TPS
TriZetto Provider Solutions, Cognizant and Wynn Resorts: Wynn Resorts confirms breach, believes data deletion claims
TriZetto Provider Solutions Breach Exposes Data of Over 3.4 Million Individuals
659
CRITICAL-94
TRIWYNCOG1772159592
TriZetto Provider Solutions Breach Exposes Data of Over 3.4 Million Individuals
In a major cybersecurity incident, TriZetto Provider Solutions, a health insurance technology subsidiary of Cognizant, reported that the sensitive data of 3.4 million individuals was stolen in a 2024 breach. The attack, attributed to the ShinyHunters hacking group, compromised employee data and disrupted IT systems, including billing and customer delivery operations.
While Wynn Resorts another victim of ShinyHunters acknowledged a breach and offered credit monitoring services to affected employees, the group later claimed to have deleted the stolen data, a move experts suggest may indicate a ransom payment. However, cybersecurity analysts, including Dray Agha of Huntress, caution that threat actors often retain or sell stolen data despite such assurances, as there is no reliable way to verify deletion claims.
The breach highlights the growing risk of extortion-based cyberattacks, where hackers demand payment in exchange for purported data removal though victims remain vulnerable to future misuse. The incident underscores the challenges organizations face in confirming the true scope of data compromise and the effectiveness of attacker promises.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for TPS ??
What was TPS's A.I Rankiteo Cyber Score in June 2026 ??
What was TPS's A.I Rankiteo Cyber Score in May 2026 ??
What was TPS's A.I Rankiteo Cyber Score in April 2026 ??
What was TPS's A.I Rankiteo Cyber Score in March 2026 ??
What was TPS's A.I Rankiteo Cyber Score in February 2026 ??
What was TPS's A.I Rankiteo Cyber Score in January 2026 ??
What was TPS's A.I Rankiteo Cyber Score in December 2025 ??
What was TPS's A.I Rankiteo Cyber Score in November 2025 ??
What was TPS's A.I Rankiteo Cyber Score in October 2025 ??
What was TPS's A.I Rankiteo Cyber Score in September 2025 ??
What was TPS's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on TPS's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with TPS ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view TPS's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?