In re: Cognizant Technology Solutions Corporation and TriZetto Provider Solutions, LLC, Data Security Breach Litigation

CourtDistrict Court, E.D. California
DecidedJune 9, 2026
Docket2:26-cv-00086
StatusUnknown

This text of In re: Cognizant Technology Solutions Corporation and TriZetto Provider Solutions, LLC, Data Security Breach Litigation (In re: Cognizant Technology Solutions Corporation and TriZetto Provider Solutions, LLC, Data Security Breach Litigation) is published on Counsel Stack Legal Research, covering District Court, E.D. California primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook
In re: Cognizant Technology Solutions Corporation and TriZetto Provider Solutions, LLC, Data Security Breach Litigation, (E.D. Cal. 2026).

Opinion

GRAVES, CLERK a Sat bount UNITED STATES JUDICIAL PANEL Fl L E D EASTER as fe yssoun on Jun 09, 2026 BY PU LBP MULTIDISTRICT LITIGATION CLERK, US. DISTRICT COURT (/ RICT OLS EASTERN DISTRICT OF CALIFORNIA IN RE: COGNIZANT TECHNOLOGY SOLUTIONS CORPORATION AND TRIZETTO PROVIDER SOLUTIONS, LLC, DATA SECURITY BREACH LITIGATION MDL No. 3185

TRANSFER ORDER

Before the Panel:* Plaintiffs in an action pending in the District of New Jersey move under 28 U.S.C. § 1407 to centralize this litigation in the District of New Jersey. This litigation consists of nineteen actions pending in three districts, as listed on Schedule A.' Since the filing of the motion, the Panel has been notified of nine related actions pending in four districts.’ Plaintiffs in four actions and potential tag-along actions support the motion. Plaintiffs in nine actions and potential tag-along actions suggest centralization in the Eastern District of Missouri, and plaintiffs in eight of those actions alternatively suggest centralization in the Western District of Missouri. Defendants TriZetto Provider Solutions, LLC (TnZetto) and Cognizant Technology Solutions Corporation (Cognizant, and together, TriZetto/Cognizant) oppose centralization and, alternatively, support centralization in the Eastern District of Missouri. Responding healthcare defendants oppose the motion® The One Community defendants alternatively support centralization in the Eastern District of Missouri. On the basis of the papers filed and the hearing session held, we find that these actions involve common questions of fact and that centralization in the Eastern District of Missouri will serve the convenience of the parties and witnesses and promote the just and efficient conduct of

Judge Karen K. Caldwell and Judge Madeline Cox Arleo took no part in the decision of this matter. Additionally, one or more Panel members who could be members of the putative classes in this litigation have renounced their participation in these classes and have participated in this decision. Another four actions included in the motion for centralization have been voluntarily dismissed. The Eastern District of Missouri Hahn action originally was filed in the Northern District of California but, after the close of briefing, was transferred to the Eastern District of Missouri. 2 These and any other related actions are potential tag-along actions. See Panel Rules 1.1(i), 7.1 and 7.2. 3 St. Anthony’s Physician Organization Hospitalist Services, L.C., and Cares Community Health and One Community Health (together, One Community). Healthcare defendants in another two actions also opposed the motion, but plaintiffs voluntarily dismissed the claims against them.

this litigation. The actions share questions of fact arising from allegations that TriZetto/Cognizant failed to take adequate measures to prevent and address the consequences of a cyberattack on its network that began in November 2024 and was discovered in October 2025. This attack is alleged to have exposed the private information of more than 3.4 million individuals. Plaintiffs seek certification of overlapping nationwide and statewide class actions of individuals, and assert similar claims for negligence, negligence per se, breach of contract, invasion of privacy, breach of fiduciary duty, unjust enrichment, and violation of state consumer protection laws.

In opposing centralization, defendants argue that (1) movants have not identified common factual questions, rather than common legal questions, and (2) Section 1404 transfer or informal coordination are preferrable to Section 1407 centralization. We disagree. Plaintiffs favoring centralization have identified several common factual questions, including: the nature, scope, timing, and cause of the data breach; defendants’ data security policies and practices before the breach; when TriZetto first detected the vulnerabilities in its system; defendants’ response to the breach; the adequacy and timing of notice to affected entities and individuals; and the effects of the attack on individuals whose private information was compromised. Discovery regarding these overlapping issues is likely to be complex and time-consuming. Indeed, defendants have not opposed efforts to consolidate these actions where there are multiple actions pending in a single district. Centralization will avoid the possibility of inconsistent pretrial rulings, particularly with respect to class certification.

We have denied centralization where there is a “reasonable prospect” that Section 1404 transfer will eliminate the multidistrict character of the litigation. See In re Gerber Probiotic Prods. Mktg. & Sales Practices Litig., 899 F. Supp. 2d 1378, 1379 (J.P.M.L. 2012). But “the pendency of Section 1404 motions, alone, is not dispositive, and we look to other circumstances to determine whether there is a reasonable prospect that the Section 1404 motions will resolve the difficulties posed by duplicative multidistrict litigation – for example, the amenability of counsel to Section 1404 transfer, orders addressing transfer in the underlying actions, and the likelihood of potential tag-along actions.” See In re Natrol, Inc., Glucosamine/Chondroitin Mktg. & Sales Practices Litig., 26 F. Supp. 3d 1392, 1393 (J.P.M.L. 2014). Here, given the disagreement among some of the parties over which entity is the “key” defendant in this litigation and therefore which entity’s headquarters will be the focus of the litigation, the question of whether motions to transfer all cases to the Eastern District of Missouri will be successful is not assured. Furthermore, given that at least 3.4 million individuals were affected by the data breach, it is likely additional actions will be filed. Centralization is more efficient than requiring the parties to pursue litigation of their Section 1404 transfer motions in three separate courts, as well as in future tag-along actions. We are similarly not persuaded that informal coordination is an efficient alternative, given the number of actions and counsel and the complexity of the issues. At least 30 plaintiffs’ firms have filed these actions, which are pending before six different judges.

We find that the Eastern District of Missouri is the most appropriate transferee district for this litigation. Defendant TriZetto is headquartered in this district, and TriZetto states that Missouri is the location of the data breach and most relevant witnesses. Nine actions are pending there, including the first-filed action, and they have been consolidated. Both defendants and some plaintiffs support centralization in this district. We select Judge John A. Ross to preside over this litigation. He is experienced with complex multidistrict data breach litigation, and we are EE

confident he will steer this matter on an efficient and prudent course. IT IS THEREFORE ORDERED that the actions listed on Schedule A and pending outside the Eastern District of Missouri are transferred to the Eastern District of Missouri and, with the consent of that court, assigned to the Honorable John A. Ross, for coordinated or consolidated pretrial proceedings.

PANEL ON MULTIDISTRICT LITIGATION

Matthew F. Kennelly 7 Acting Chair David C. Norton Dale A. Kimball M. Casey Rodgers

IN RE: COGNIZANT TECHNOLOGY SOLUTIONS CORPORATION AND TRIZETTO PROVIDER SOLUTIONS, LLC, DATA SECURITY BREACH LITIGATION MDL No. 3185 SCHEDULE A

Eastern District of California TAYLOR v. TRIZETTO PROVIDER SOLUTIONS, LLC, ET AL., C.A. No. 2:26−00086 Eastern District of Missouri NIESSING v.

Free access — add to your briefcase to read the full text and ask questions with AI

Related

In re Natrol, Inc., Glucosamine/Chondroitin Marketing & Sales Practices Litigation
26 F. Supp. 3d 1392 (Judicial Panel on Multidistrict Litigation, 2014)
In re Gerber Probiotic Products Marketing & Sales Practices Litigation
899 F. Supp. 2d 1378 (Judicial Panel on Multidistrict Litigation, 2012)

Cite This Page — Counsel Stack

Bluebook (online)
In re: Cognizant Technology Solutions Corporation and TriZetto Provider Solutions, LLC, Data Security Breach Litigation, Counsel Stack Legal Research, https://law.counselstack.com/opinion/in-re-cognizant-technology-solutions-corporation-and-trizetto-provider-caed-2026.