Coastal Skin Surgery & Dermatology Data Breach 2026 (TriZetto Vendor): 6,173 Florida Dermatology Patients Exposed. What To Do
Coastal Skin Surgery & Dermatology, a Florida Panhandle dermatology and Mohs surgery group, disclosed in 2026 that its third-party vendor TriZetto Provider Solutions / Cognizant suffered a November 2024 intrusion exposing 6,173 Coastal patients. Part of the ~3.43M aggregate TriZetto breach. Kroll-administered credit monitoring offered. Here is what to do.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Nov 1, 2024
Unauthorized access to TriZetto Provider Solutions web portal begins
Oct 2, 2025
TriZetto detects suspicious activity
Dec 9, 2025
TriZetto begins notifying provider customers
Jan 26, 2026
TriZetto publishes ~3.43M aggregate victim count; Coastal entry on OCR portal
Nov 1, 2024
Unauthorized access to TriZetto Provider Solutions web portal begins
Oct 2, 2025
TriZetto detects suspicious activity
Dec 9, 2025
TriZetto begins notifying provider customers
Jan 26, 2026
TriZetto publishes ~3.43M aggregate victim count; Coastal entry on OCR portal
Data exposed
01
High-risk identity
Enables financial + identity theft
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
What happened
This breach did not originate at Coastal Skin Surgery’s systems. It is a downstream notification from the TriZetto Provider Solutions (TPS) / Cognizant breach — the ~3.43 million-patient incident at Cognizant’s healthcare-claims-eligibility vendor.
Coastal Skin Surgery & Dermatology is a Florida Panhandle dermatology and Mohs surgery group with locations in Miramar Beach, Panama City Beach, Fort Walton Beach, and along the 30A corridor. Coastal uses TPS for insurance eligibility verification, and patient data flowing through TPS was exposed in the vendor’s intrusion.
Between November 2024 and October 2, 2025 (when TPS detected the intrusion), an unauthorized party accessed a TPS-operated provider web portal. TPS began notifying provider customers on December 9, 2025 and published the ~3.43M aggregate victim count on January 26, 2026. Coastal’s 6,173-patient entry posted to the HHS OCR portal as a downstream filing.
No threat group has publicly claimed responsibility for the TPS intrusion.
TriZetto cluster context
Coastal is one of dozens of provider customers downstream of the TPS breach. The class action exposure sits at the Cognizant/TPS level, not at Coastal directly. Two consolidated federal class actions are pending in the District of New Jersey: Lytle v. TriZetto Provider Solutions LLC (2:25-cv-18938) and Noble v. TriZetto Provider Solutions LLC (2:25-cv-18967), plus additional filings in Missouri federal court.
What was stolen
Per TPS notification (applicable to Coastal patients):
- Full name, home address, date of birth
- Social Security number
- Health insurance member number
- Medicare Beneficiary Identifier (for some)
- Health insurer name, provider name
- Primary insured / dependent information
What is being offered
TPS — not Coastal — runs the response. Affected individuals are directed to the Kroll-administered incident portal at tpsincident.kroll.com. The TPS program includes:
- Complimentary credit monitoring
- Fraud consultation
- Identity theft restoration services
Coastal directs patients to the Kroll portal rather than running its own program.
What to do
- Enroll in the Kroll-administered TPS monitoring program at
tpsincident.kroll.comusing the activation code from your letter. - Place free credit freezes at all three bureaus. Full SSN is in scope.
- File IRS Form 14039.
- Watch your Medicare Summary Notice for unfamiliar dermatology or other claims.
- Stop the ongoing flow of your dermatology data through claims intermediaries. HealthConsent files HIPAA restriction requests covering insurance eligibility and claims-routing pathways.
Continue reading
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- Coastal Skin Surgery: Vendor Incident Notice (footer)
- TriZetto Incident Portal (Kroll)
- HIPAA Journal: TriZetto Provider Solutions Data Breach
- ClassAction.org: TriZetto Provider Solutions December 2025
- HHS OCR Breach Portal
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.