WPS, a contractor for the Centers for Medicare & Medicaid Services (CMS), experienced a data breach due to a vulnerability in the MOVEit software used for transferring files. This incident, occurring between May 27 and May 31, 2023, potentially compromised the personally identifiable information (PII) of Medicare beneficiaries, related to Medicare claims management, and PII supporting CMS audits of healthcare providers. Approximately 946,801 individuals are affected and notifications are being sent to those whose information was at risk. The breach was disclosed to CMS on July 8, following the discovery of the unauthorized access to personal data.
"id": "wps001103024",
"linkid": "wps-health-insurance",
"type": "Vulnerability",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"