TriZetto Provider Solutions (“TPS”) recently experienced a cybersecurity incident that affected certain protected health information of certain of its healthcare provider customers’ patients. TPS provides billing-related services to healthcare providers, such as hospitals, health systems, and physician practices.
This notice explains the incident, the measures TPS has taken in response, and the steps individuals can take for further protection.
What Happened?
On October 2, 2025, TPS became aware of suspicious activity within a web portal that some of TPS’s healthcare provider customers use to access its systems. Upon discovering the incident, TPS quickly launched an investigation and took steps to mitigate the issue. TPS also engaged external cybersecurity experts and notified law enforcement.
TPS determined that, beginning in November 2024, an unauthorized actor began accessing some records related to insurance eligibility verification transactions that healthcare providers process to assess insurance coverage for treatment services they provide to patients. A thorough review of the affected data was conducted to identify what information was involved and the individuals to whom the data related.
What information was involved?
The affected data varied by individual and may have included the following information for patients and primary insureds: name, address, date of birth, Social Security number, health insurance member number (which, for some individuals, may be a Medicare beneficiary identifier), health insurer name, primary insured or dependent information, and other demographic, health, and health insurance information. The incident did not affect any payment card, bank account, or other financial information. At this time, TPS is not aware of any identity theft or fraud related to the use of any affected individual’s information.
What TPS is doing?
After becoming aware of the incident, TPS immediately took additional protective measures to safeguard its systems and worked with leading cybersecurity experts to conduct a comprehensive investigation of the incident. TPS notified law enforcement and implemented additional security protocols designed to enhance the security of its services.
TPS notified affected providers beginning on December 9, 2025, and offered to make all legally required notices on their behalf. For those providers that accepted the offer, TPS is currently notifying affected individuals at their last known addresses.
TPS is offering affected individuals complementary identity monitoring services including credit monitoring, fraud consultation, and identity theft restoration services.
What can affected individuals do?
If you believe that you may have been affected by this incident and would like to enroll in credit monitoring services at no charge, click the activate now button on the right-hand side of the page or call the dedicated, toll-free call center at (844) 572-2725 between 8:00 a.m. and 5:30 p.m. Central Time, excluding major U.S. holidays.
In order for you to receive the Kroll services, you must enroll by May 8, 2026.
Although TPS has no evidence that any affected individual’s information has been subject to identity theft or fraud, TPS encourages individuals to remain vigilant against incidents of identity theft and fraud, review account statements, and monitor their free credit reports for suspicious activity and to detect errors. Instructions and general information about identity theft protection are provided below.
TPS regrets that this incident occurred and any concern it may cause. TPS takes the confidentiality and security of personal information very seriously and will continue to take steps to prevent a similar incident from occurring in the future.