TriZetto Provider Solutions and BACH: Bay Area Community Health Data Breach Investigation

BACH Reports Data Breach Affecting Sensitive Patient Information via Third-Party Vendor

BACH, a healthcare provider, recently disclosed a data breach involving the potential exposure of sensitive personal and health information. The incident stemmed from a security compromise at TriZetto Provider Solutions (TPS), a third-party insurance clearinghouse integrated with BACH’s electronic medical record system (OCHIN).

On October 2, 2025, TPS detected suspicious activity on a web portal used by its healthcare provider customers. Following an investigation, TPS confirmed to BACH that an unauthorized third party may have accessed data tied to BACH between November 2024 and October 2, 2025. BACH was formally notified of the breach on December 15, 2025.

The compromised data varies by individual but may include:

• Full names
• Social Security numbers
• Dates of birth
• Contact details
• Health and insurance-related information

In response, BACH published a breach notice on its website, detailing the incident and offering affected individuals complimentary credit monitoring services. The notice includes a breakdown of the exposed data types for impacted parties. The breach highlights the risks of third-party vendor vulnerabilities in healthcare data security.

Source: https://straussborrelli.com/2026/01/12/bay-area-community-health-data-breach-investigation/

TriZetto Provider Solutions cybersecurity rating report: https://www.rankiteo.com/company/trizettoprovider

Baltimore Alliance for Careers in Healthcare cybersecurity rating report: https://www.rankiteo.com/company/bach-baltimore

"id": "TRIBAC1768252046",
"linkid": "trizettoprovider, bach-baltimore",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Individuals whose data was '
                                              'exposed',
                        'industry': 'Healthcare',
                        'name': 'BACH',
                        'type': 'Healthcare Provider'},
                       {'customers_affected': 'Healthcare provider customers, '
                                              'including BACH',
                        'industry': 'Healthcare IT',
                        'name': 'TriZetto Provider Solutions (TPS)',
                        'type': 'Third-party insurance clearinghouse'}],
 'attack_vector': 'Third-party web portal compromise',
 'customer_advisories': 'Affected individuals notified with details of exposed '
                        'data and offered credit monitoring services',
 'data_breach': {'personally_identifiable_information': ['Name',
                                                         'Social Security '
                                                         'number',
                                                         'Date of birth',
                                                         'Contact information'],
                 'sensitivity_of_data': 'High (SSNs, health/insurance '
                                        'information)',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)',
                                              'Protected Health Information '
                                              '(PHI)']},
 'date_detected': '2025-10-02',
 'date_publicly_disclosed': '2025-12-15',
 'description': 'BACH experienced a data breach where sensitive personal '
                'identifiable information and protected health information may '
                'have been compromised. The breach involved TriZetto Provider '
                'Solutions (TPS), a third-party insurance clearinghouse, which '
                'reported suspicious activity in its web portal used by '
                'healthcare providers. Unauthorized access occurred between '
                'November 2024 and October 2, 2025, exposing personal and '
                'health-related data.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'data breach',
            'data_compromised': 'Sensitive personal identifiable information '
                                'and protected health information',
            'identity_theft_risk': 'High (due to exposure of SSNs and personal '
                                   'data)',
            'systems_affected': 'TriZetto Provider Solutions (TPS) web portal, '
                                'OCHIN electronic medical record system'},
 'initial_access_broker': {'entry_point': 'TPS web portal'},
 'investigation_status': 'Ongoing (as of disclosure)',
 'post_incident_analysis': {'root_causes': 'Third-party vendor compromise (TPS '
                                           'web portal vulnerability)'},
 'references': [{'source': 'BACH Breach Notice'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA (potential)']},
 'response': {'communication_strategy': "Breach notice posted on BACH's "
                                        'website, notification letters to '
                                        'affected individuals',
              'recovery_measures': 'Provision of complimentary credit '
                                   'monitoring services',
              'remediation_measures': 'Review of impacted data, identification '
                                      'of affected individuals',
              'third_party_assistance': 'TPS launched an investigation'},
 'threat_actor': 'Unauthorized third party',
 'title': 'BACH Data Breach Involving TriZetto Provider Solutions',
 'type': 'Data Breach'}