This multidistrict litigation arises from a data security breach involving TriZetto Provider Solutions and its parent company Cognizant Technology Solutions. TriZetto provides technology services for healthcare providers. On October 2, 2025, TriZetto discovered a cyberattack on its network that began in November 2024 and exposed the private personal information of over three million patients. TriZetta announced the breach on November 28, 2025, and started notifying providers on December 9, 2025. Some providers have issued their own notices to patients. 

Plaintiffs allege that TriZetto failed to adequately secure their personal information and failed to provide adequate notice of the breach after it was discovered. Plaintiffs assert claims grounded in negligence, breach of contract, breach of fiduciary duty, and state consumer protection laws.

On June 5, 2026, the Judicial Panel on Multidistrict Litigation consolidated nineteen cases and assigned the matter to this Court for coordinated pretrial proceedings. Other cases may be added.

The documents section contains selected procedural and substantive orders. It is not a complete inventory of decisions, and these electronic versions are not official documents of record. The official records are those contained on the Clerk of Court’s official docket.