US Government Agency CMS Reveals Massive Data Breach Affecting 3.1 Million People: Urgent Security Alert

Did you know that over three million health plan beneficiaries had their health and personal information exposed in a ransomware attack last year? That’s right, the Centers for Medicare & Medicaid Services (CMS) recently announced that the MOVEit attacks, carried out by the Cl0p ransomware group, resulted in a massive data breach.

The hackers managed to steal the data by targeting the Wisconsin Physicians Service (WPS) health insurance corporation, a provider of Medicare administrative services. CMS is a federal agency responsible for administering the nation’s major healthcare programs, including Medicaid and CHIP. It plays a crucial role in ensuring these programs meet federal standards, providing funding support, enforcing policies and regulations, monitoring quality and costs, and regulating the Affordable Care Act’s (ACA) health insurance marketplace.

How many people were affected?

According to a CMS press release on September 6th, 946,801 individuals with Medicare were notified about personally identifiable information exposed in the MOVEit attacks that happened over a year ago. However, the total number of people with information stolen was a staggering 3,112,815 individuals!

Why the difference? A CMS spokesperson explained that the additional affected individuals were either deceased or not Medicare beneficiaries, but WPS had collected their data as part of their work for CMS.

What went wrong?

WPS applied security updates from Progress Software, the developer of MOVEit Transfer, in early June 2023, believing that their systems were now safe. Unfortunately, a review of the incident in May 2024 revealed that the hackers had already breached the WPS network before the security patch was applied, and had managed to exfiltrate certain files.

On July 8, 2024, CMS discovered that the stolen files contained sensitive information such as names, Social Security Numbers, dates of birth, mailing addresses, gender, hospital account numbers, dates of service, and various insurance identifiers.

What’s being done to help?

As the investigation continues, affected individuals are being offered a 12-month free-of-charge credit monitoring service by Experian to help mitigate the risks arising from their data exposure. But there’s a catch – although the Cl0p ransomware group claimed that they would delete data belonging to hospitals, healthcare organizations, and U.S. government entities, it’s practically impossible to guarantee that the stolen data hasn’t been shared or sold on the dark web.

What can you do to protect yourself?

It’s essential to stay informed about cybersecurity threats and take steps to safeguard your personal and sensitive information. We’re here to help you stay ahead of the curve and protect your data from cybercriminals. Don’t hesitate to contact us for guidance, resources, and expert advice. And make sure to keep coming back for the latest updates on cybersecurity trends and tips!