In a major data breach, the Centers for Medicare & Medicaid Services (CMS) disclosed that over 600,000 Medicare beneficiaries’ personal data, including names, Social Security numbers, and medical histories, may have been compromised.
The breach stemmed from a security flaw in MOVEit software, a third-party utilized during Medicare appeals, and was linked to CMS contractor Maximus. Prompt action was taken, with Maximus investigating, taking the application offline, and alerting law enforcement. CMS is collaborating with Maximus to assess the breach’s extent and protect affected individuals’ information. Beneficiaries will receive guidance on steps to take, including enrolling in identity monitoring and obtaining credit reports. The CMS says despite the breach, beneficiaries should continue to use their existing Medicare cards for healthcare services.
In light of the breach, CMS emphasizes that beneficiaries should remain cautious and vigilant. Medicare representatives will never make unsolicited calls requesting personal information. If beneficiaries receive any suspicious calls from individuals claiming to be from Medicare, they should immediately hang up and refrain from sharing any information.
For accurate and reliable information, beneficiaries can contact Medicare’s call center at 800-633-4227.
