Centers for Medicare & Medicaid Services (CMS)

CMS, alongside WPS, is alerting individuals to a breach stemming from a vulnerability in MOVEit software. This incident, detected on July 8, compromised PII of Medicare beneficiaries and others, potentially impacting 946,801 people. The data breach involved information used in Medicare claim management and CMS audits. Personal information was exposed during the unauthorized access that occurred between May 27 and May 31, 2023.

Source: https://www.hcinnovationgroup.com/cybersecurity/data-breaches/news/55138546/cms-notifies-people-potentially-impacted-by-data-breach

TPRM report: https://scoringcyber.rankiteo.com/company/centers-for-medicare-&-medicaid-services

"id": "cen001032925",
"linkid": "centers-for-medicare-&-medicaid-services",
"type": "Vulnerability",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 946801,
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'Centers for Medicare & Medicaid Services '
                                '(CMS)',
                        'type': 'Government Agency'},
                       {'customers_affected': 946801,
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'WPS',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Vulnerability Exploitation',
 'data_breach': {'number_of_records_exposed': 946801,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'PII'},
 'date_detected': '2023-07-08',
 'description': 'CMS, alongside WPS, is alerting individuals to a breach '
                'stemming from a vulnerability in MOVEit software. This '
                'incident, detected on July 8, compromised PII of Medicare '
                'beneficiaries and others, potentially impacting 946,801 '
                'people. The data breach involved information used in Medicare '
                'claim management and CMS audits. Personal information was '
                'exposed during the unauthorized access that occurred between '
                'May 27 and May 31, 2023.',
 'impact': {'data_compromised': ['PII of Medicare beneficiaries',
                                 'Information used in Medicare claim '
                                 'management and CMS audits']},
 'references': [{'source': 'Cyber Incident Description'}],
 'title': 'CMS and WPS Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'MOVEit software vulnerability'}

Centers for Medicare & Medicaid Services (CMS)

Anthropic

SBI

Mitsubishi Electric