Fieldtex and TriZetto Healthcare Data Breaches Impacting Patient Information
Medical supply fulfillment vendor Fieldtex Products and revenue cycle management software firm TriZetto Provider Solutions have disclosed recent hacking incidents that compromised protected health information. Fieldtex, based in Rochester, New York, reported that over 274,000 individuals may have been affected by an August breach, submitting four separate reports to the U.S. Department of Health and Human Services' Office for Civil Rights. The company is notifying affected individuals on behalf of its health plan clients, as required under HIPAA regulations.
TriZetto, owned by Cognizant, has also begun notifying an undisclosed number of clients and their patients about a separate hacking incident. Both companies, as HIPAA business associates, are among the latest in the healthcare sector to reveal breaches that potentially expose sensitive patient data, highlighting ongoing risks to the security of healthcare information managed by third-party vendors.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Fieldtex notifies affected parties and offers support
Fieldtex notified affected patients and health plans about the August breach, brought in forensic investigators, implemented additional security measures, and offered support including credit monitoring. The company said it had no evidence so far that the exposed information had been misused.
TriZetto discloses separate hacking incident under investigation
By December 2025, TriZetto Provider Solutions disclosed a recent hacking incident affecting an undisclosed number of clients and patients. The Cognizant-owned company said it engaged Mandiant and notified law enforcement as investigations continued.
Fieldtex suffers hacking incident affecting healthcare data
In August 2025, Fieldtex Products experienced a hacking incident that potentially compromised protected health information tied to more than 274,000 individuals. The company did not disclose whether data was exfiltrated or whether any ransom demand was made.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
TriZetto Provider Solutions Data Exfiltration Affecting Healthcare Client Insurance Data
**TriZetto Provider Solutions** (a Cognizant business unit providing revenue cycle management and claims clearinghouse services) is notifying more than **3.4 million individuals** after investigators determined threat actors accessed and exfiltrated healthcare clients’ **insurance-related data**. The activity reportedly began in **November 2024** but was not detected until **October 2025**, indicating a prolonged period of unauthorized access before discovery. The incident was reported to the U.S. Department of Health and Human Services via the **HIPAA Breach Reporting Tool** as impacting approximately **3.43 million** people, while TriZetto has not publicly specified how many healthcare customers were affected. Multiple healthcare organizations have publicly stated they were impacted and have issued their own patient notifications, underscoring downstream exposure risk for providers relying on TriZetto’s billing and claims processing services.
Mar 21, 2026
TriZetto Provider Solutions Notifies Patients of Data Breach Exposure
TriZetto Provider Solutions sent breach notification letters warning affected individuals that their personal information may have been exposed in a security incident, and offered identity monitoring and fraud support services. The notices say the company had not found evidence of identity theft or fraud tied to the incident at the time of mailing, but urged recipients to closely monitor account statements, review credit reports, and report suspicious activity to their financial institutions. The notification materials also outline consumer protection steps available to impacted people, including placing fraud alerts, requesting security freezes, and obtaining police reports where applicable under state law. TriZetto provided a dedicated assistance line and enrollment instructions for complimentary identity protection services, indicating a broad, regulated breach response affecting patient or consumer data handled through its provider solutions business.
May 27, 2026
Third-Party Healthcare and Benefits Service Provider Breaches Expand to Millions of Victims
Health insurance technology provider **TriZetto Provider Solutions** (a Cognizant subsidiary) updated breach notifications indicating the impact of its **November 2024** intrusion has grown to **more than 3.4 million** affected individuals. Disclosures to state regulators and downstream notifications from county governments and healthcare providers indicate theft of sensitive personal data including **addresses, Social Security numbers, and health insurance identifiers**, with some jurisdictions reporting hundreds of thousands of impacted residents. Separately, the **Conduent** incident has expanded dramatically in public filings, with reported totals rising from roughly **10.5 million** to **more than 25 million** affected individuals across the US, including a major increase in **Texas** (reported at **15.4 million**) while **Oregon** remains around **10.5 million**. Reporting indicates attackers maintained access for roughly **three months** and exfiltrated about **8 TB** of data, underscoring the systemic risk posed by large, behind-the-scenes vendors that support **Medicaid/SNAP and other state benefit programs**, healthcare-related processing, and major employer services—creating a wide “blast radius” even for individuals unfamiliar with the vendor name.
Mar 21, 2026