Cigna Vendor Breach Exposes Patient Health and Financial Data

What Happened

Between October 21, 2024, and January 13, 2025, a third-party vendor responsible for handling claim overpayments and recoveries for Cigna experienced a security incident. An unauthorized actor gained access to files containing sensitive information belonging to Cigna Healthcare clients. The breach was reported on January 15, 2025, and later confirmed on September 3, 2025. This incident is part of a series of security events affecting Cigna, often through its network of partners and vendors.

Impact

The compromised data includes a wide range of personally identifiable information (PII) and protected health information (PHI). Exposed details include full names, health care ID numbers, dates of service, treatment costs, and claim numbers. For some individuals, their Social Security numbers were also exposed, significantly increasing the risk of identity theft and financial fraud. Clients of Cigna Healthcare, including those with MassMutual benefit plans, were affected.

Response

In response to the breach, Cigna has reportedly transitioned services away from the compromised vendor and is re-evaluating its third-party relationships to mitigate future risks. The company has offered free identity protection services to affected individuals. The incident has prompted investigations into class-action lawsuits to seek damages for those impacted by the exposure of their private data.