Vulnerability cyber

Wisconsin Physicians Service Insurance Corporation

Oct 30, 2024 1 min read
Wisconsin Physicians Service Insurance Corporation

WPS, a contractor for the Centers for Medicare & Medicaid Services (CMS), experienced a data breach due to a vulnerability in the MOVEit software used for transferring files. This incident, occurring between May 27 and May 31, 2023, potentially compromised the personally identifiable information (PII) of Medicare beneficiaries, related to Medicare claims management, and PII supporting CMS audits of healthcare providers. Approximately 946,801 individuals are affected and notifications are being sent to those whose information was at risk. The breach was disclosed to CMS on July 8, following the discovery of the unauthorized access to personal data.

Source: https://www.hcinnovationgroup.com/cybersecurity/data-breaches/news/55138546/cms-notifies-people-potentially-impacted-by-data-breach

TPRM report: https://scoringcyber.rankiteo.com/company/wps-health-insurance

"id": "wps001103024",
"linkid": "wps-health-insurance",
"type": "Vulnerability",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '946,801',
                        'industry': 'Healthcare',
                        'name': 'WPS',
                        'type': 'Contractor'}],
 'attack_vector': 'Vulnerability Exploitation',
 'customer_advisories': 'Notifications sent to affected individuals',
 'data_breach': {'number_of_records_exposed': '946,801',
                 'personally_identifiable_information': 'Medicare claims '
                                                        'management, PII '
                                                        'supporting CMS audits '
                                                        'of healthcare '
                                                        'providers',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'PII'},
 'date_detected': '2023-07-08',
 'date_publicly_disclosed': '2023-07-08',
 'description': 'WPS, a contractor for the Centers for Medicare & Medicaid '
                'Services (CMS), experienced a data breach due to a '
                'vulnerability in the MOVEit software used for transferring '
                'files. This incident, occurring between May 27 and May 31, '
                '2023, potentially compromised the personally identifiable '
                'information (PII) of Medicare beneficiaries, related to '
                'Medicare claims management, and PII supporting CMS audits of '
                'healthcare providers. Approximately 946,801 individuals are '
                'affected and notifications are being sent to those whose '
                'information was at risk. The breach was disclosed to CMS on '
                'July 8, following the discovery of the unauthorized access to '
                'personal data.',
 'impact': {'data_compromised': 'PII of Medicare beneficiaries'},
 'response': {'communication_strategy': 'Notifications sent to affected '
                                        'individuals'},
 'title': 'WPS Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'MOVEit software vulnerability'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.