TriZetto Data Breach Triggers Multiple Class-Action Lawsuits Against Cognizant in US

According to a report by Bloomberg Law, Cognizant Technology Solutions Corp. is facing multiple proposed class action lawsuits in the US following a data breach at its healthcare division, TriZetto Provider Solutions. This week, three lawsuits were submitted to US district courts in Missouri and New Jersey.

The allegations claim that TriZetto, which offers revenue management and healthcare claims services, neglected to safeguard personal information and failed to promptly notify those impacted by a cyberattack. According to the petitioners, hackers gained access to the company's systems in November 2024, but it took nearly a year for the breach to be discovered or reported. Additionally, they claim that it is yet unknown how many people are impacted overall.

Allegations Tossed at Cognizant

Cognizant is also accused in the cases of failing to disclose crucial information on the cyberattack, such as how the breach occurred, which system flaws were used, and the precautions taken to avoid similar breaches in the future. Individuals who filed the lawsuits, including citizens of Arizona and California, allege that private data, including home addresses, bank account information, and social security numbers, was compromised.

According to some petitioners, the delay prevented them from taking precautions against financial loss and identity theft. Mint claims that the cases are seeking over $5 million in damages and legal fees. The petitioners have requested regular independent security assessments, jury trials, compensation for losses, and directives for the corporation to remove personal information unless absolutely necessary.

Cognizant’s Response

Cognizant says it identified the improper access only in October 2025. TriZetto expressed sorrow for the inconvenience and stated that the company takes data protection seriously. However, Cognizant stated that as the issue is being litigated, it is unable to speak further.

The lawsuits occur at a time when fraudsters are increasingly targeting IT and healthcare companies because of the volume of sensitive data they handle. Companies like Tata Consultancy Services and Infosys have also experienced cyber intrusions in recent years.