CMS hit in MOVEit software breach

The personal health information of 612,000 Medicare beneficiaries has been breached from CMS contractor Maximus Federal Services.

The breach resulted from a vulnerability in the MOVEit software that has also been responsible for third-party breaches at health systems across the country. An unauthorized party gained access to the Maximus files between May 27 and May 31, according to a July 28 CMS news release.


The information involved in the breach:

  • Name
  • Social Security number or taxpayer identification number
  • Date of birth
  • Mailing address
  • Telephone number and email address
  • Medicare beneficiary number or health insurance claim number
  • Driver's license number and state identification number
  • Medical history notes
  • Healthcare provider and prescription information
  • Health insurance claim and policy information
  • Health benefits and enrollment information


CMS is notifying affected beneficiaries via letter and providing free credit monitoring services.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars