Centers for Medicare & Medicaid Services

Centres for Medicare and Medicaid (CMS) suffered a data breach incident after one of its subcontractor was the victim of a ransomware attack.

The breach involved Medicare beneficiaries’ personally identifiable information (PII) and/or protected health information (PHI) of up to 254,000 beneficiaries.

The information included Name, Address, Date of Birth, Phone Number, Social Security Number, Medicare Beneficiary Identifier, Banking information, routing and account numbers, Medicare Entitlement, Enrollment, and Premium Information.

The CMS immediately facilitated support to individuals potentially affected by the incident and took all necessary actions needed to safeguard the information.

Source: https://www.databreaches.net/cms-responding-to-data-breach-at-subcontractor/

"id": "CEN1752211222",
"linkid": "centers-for-medicare-&-medicaid-services",
"type": "Data Leak",
"date": "12/2022",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"