CMS Notifies Individuals Potentially Impacted by Data Breach CMS
pAn official website of the United States governmentppHeres how you know
pp
Official websites use govA
gov
website belongs to an official government organization in the United Statespp
Secure gov websites use HTTPSA
lock
or
https
means youve safely connected to the gov website Share sensitive information only on official secure websitesppShareppThe Centers for Medicare Medicaid Services CMS and Wisconsin Physicians Service Insurance Corporation WPS are notifying people whose protected health information or other personally identifiable information PII may have been compromised in connection with Medicare administrative services provided by WPS WPS is a CMS contractor that handles Medicare Part AB claims and related services for CMS ppThe notification comes following discovery of a security vulnerability in the MOVEit software a thirdparty application developed by Progress Software and used by WPS for the transfer of files in providing services to CMS WPS is among many organizations in the United States that have been impacted by the MOVEit vulnerability The security incident may have impacted PII of Medicare beneficiaries that was collected in managing Medicare claims as well as PII collected to support CMS audits of healthcare providers that some individuals who are not Medicare beneficiaries have visited to receive health care servicesppCMS and WPS are mailing written notifications to 946801 current people with Medicare whose PII may have been exposed informing them of the breach and explaining actions being taken in response CMS is also posting a substitute notice with similar information for those individuals for whom there is insufficient or outofdate contact information for sending a written notificationppBelow is a sample of the letter WPS is sending to those who are potentially affectedppDearppThe Centers for Medicare Medicaid Services CMS the federal agency that manages the Medicare program and Wisconsin Physicians Service Insurance Corporation WPS are writing to inform you of an incident involving your personal information related to services provided by WPS WPS is a CMS contractor that handles certain Medicare claims in your stateppThe incident involved a security vulnerability in the MOVEit software a thirdparty application used by WPS for the transfer of files during the Medicare claims process WPS is among the many organizations in the United States that have been impacted by the MOVEit vulnerabilityppWe are sending you this letter so that you can understand more about this incident how we are addressing it and additional steps you can take to further protect your privacy We are providing information on free credit monitoring with this notice and we will be giving you a new Medicare card with a new Medicare NumberppYour current Medicare benefits or coverage are not affected as a result of this incidentppWhat HappenedppOn July 8 2024 WPS notified CMS that files containing protected health information such as Medicare claims data and related personally identifiable information collectively Personal Information was compromised in a cybersecurity incident involving MOVEit A vulnerability in the MOVEit software made it possible between May 27 through 31 2023 for unauthorized third parties to gain access to Personal Information that was transferred using MOVEitppProgress Software the developer of MOVEit discovered and disclosed the vulnerability in the MOVEit software to the public on May 31 2023 Progress Software released a software patch to fix the vulnerability WPS applied the patch and investigated the potential impact of the vulnerability on its systems However in the 2023 investigation WPS did not observe any evidence that an unauthorized party obtained copies of files that were within the WPS MOVEit applicationppIn May 2024 acting on new information WPS conducted an additional review of its MOVEit file transfer system with the assistance of a thirdparty cybersecurity firm WPS confirmed that it had successfully patched the MOVEit vulnerability in early June 2023 after which there was no evidence of further activity by an unauthorized third party However the review also indicated that before Progress Software released the patch an unauthorized third party copied files from WPSs MOVEit file transfer system In coordination with law enforcement WPS evaluated some of those impacted files That portion of impacted files did not contain any Personal Information On July 8 2024 when evaluating a different portion of the impacted files WPS determined that some of the files contained Personal Information at which point it informed CMS We are sending you this letter to notify you that your Personal Information was contained in the impacted filesppCMS and WPS are not aware of any reports of identity fraud or improper use of your Personal Information as a direct result of this incident however we are taking this opportunity to notify you so that if you wish to do so you can take advantage of the information and resources referenced in this noticeppWhat Information Was InvolvedppWe have determined that your Personal Information was present in certain files involved in this incident This information may have included the followingppWhat Are We DoingppCMS is continuing to investigate this incident in coordination with WPS and will take all appropriate actions to safeguard the information entrusted to CMS The investigation includes collaboration among CMS WPS and law enforcement agencies as well as cybersecurity forensic consultants We are also providing you with the information in this notice so that you can take advantage of the resources referenced in the following section entitled What You Can DoppWhat Can You Dopp 1 Enroll in Experian Identity Protection Monitoring ServicesppWPS is offering a complimentary 12 months of credit monitoring and other services from Experian at no cost to you You do not need to use your credit card or any other form of payment to enroll in the service See the enclosed attachment for additional information on the complementary services and protections available to youpp 2 Obtain a Free Credit ReportppUnder federal law you are entitled to one free credit report every 12 months from each of the three major nationwide credit reporting companies listed above Call 18773228228 or request your free credit reports online at wwwannualcreditreportcom When you receive your credit reports review them for problems Identify any accounts you didnt open or inquiries from creditors that you did not authorize Verify all information is correct If you have questions or notice incorrect information contact the credit reporting companyppEven if you dont find any suspicious activity on your initial credit reports the Federal Trade Commission FTC recommends that you still check your credit reports periodically Checking your credit report periodically can help you spot problems and address them quicklyppIf you find suspicious activity on your credit reports or have reason to believe your information is being misused call your local law enforcement agency and file a police report Be sure to obtain a copy of the police report as many creditors will want the information it contains to absolve you of the fraudulent debts You may also file a complaint with the FTC by contacting them on the web at wwwftcgovidtheft by phone at 1877IDTHEFT 18774384338 or by mail at Federal Trade Commission Consumer Response Center 600 Pennsylvania Avenue NW Washington DC 20580 Your complaint will be added to the FTCs Identity Theft Data Clearinghouse where it will be accessible to law enforcement for their investigations In addition you may obtain information from the FTC about fraud alerts and security freezespp 3 Continue to Use Your Existing Medicare CardppAt this time we are not aware of any reports of identity fraud or improper use of your information as a direct result of this incident However if your MBI was potentially affected a new Medicare card with a new number will be issued to you CMS will mail the new card to your address in the coming weeks In the meantime you can continue to use your existing Medicare card After you get your new card you shouldpp a Follow the instructions in the letter that comes with your new cardpp b Destroy your old Medicare cardpp c Inform your providers that you have a new Medicare NumberppFor More InformationppWe take the privacy and security of your Medicare information very seriously CMS and WPS apologize for the inconvenience this incident might have caused youppIf you have any further questions regarding this incident please call the Experian dedicated and confidential tollfree response line at 8339315700 This response line is staffed with professionals familiar with this incident who know what you can do to help protect against misuse of your information The response line is available Monday through Friday from 8 am 8 pm Central Time excluding major US holidays Be prepared to provide your engagement number B130492ppYou can also call 1800MEDICARE 18006334227 with any general questions or concerns about MedicareppSincerely ppWPS Medicare Privacy OfficerppppGet CMS news at cmsgovnewsroom sign up for CMS news via email and follow CMS on X Formerly Twitter CMSgovppCMS News and Media Group
Catherine Howden Director
Media Inquiries Form
2026906145ppSign up to get the latest information about your choice of CMS topics You can decide how often to receive updatesppA federal government website managed and paid for by the US Centers for Medicare Medicaid Servicespp7500 Security Boulevard Baltimore MD 21244p
pp
Official websites use govA
gov
website belongs to an official government organization in the United Statespp
Secure gov websites use HTTPSA
lock
or
https
means youve safely connected to the gov website Share sensitive information only on official secure websitesppShareppThe Centers for Medicare Medicaid Services CMS and Wisconsin Physicians Service Insurance Corporation WPS are notifying people whose protected health information or other personally identifiable information PII may have been compromised in connection with Medicare administrative services provided by WPS WPS is a CMS contractor that handles Medicare Part AB claims and related services for CMS ppThe notification comes following discovery of a security vulnerability in the MOVEit software a thirdparty application developed by Progress Software and used by WPS for the transfer of files in providing services to CMS WPS is among many organizations in the United States that have been impacted by the MOVEit vulnerability The security incident may have impacted PII of Medicare beneficiaries that was collected in managing Medicare claims as well as PII collected to support CMS audits of healthcare providers that some individuals who are not Medicare beneficiaries have visited to receive health care servicesppCMS and WPS are mailing written notifications to 946801 current people with Medicare whose PII may have been exposed informing them of the breach and explaining actions being taken in response CMS is also posting a substitute notice with similar information for those individuals for whom there is insufficient or outofdate contact information for sending a written notificationppBelow is a sample of the letter WPS is sending to those who are potentially affectedppDearppThe Centers for Medicare Medicaid Services CMS the federal agency that manages the Medicare program and Wisconsin Physicians Service Insurance Corporation WPS are writing to inform you of an incident involving your personal information related to services provided by WPS WPS is a CMS contractor that handles certain Medicare claims in your stateppThe incident involved a security vulnerability in the MOVEit software a thirdparty application used by WPS for the transfer of files during the Medicare claims process WPS is among the many organizations in the United States that have been impacted by the MOVEit vulnerabilityppWe are sending you this letter so that you can understand more about this incident how we are addressing it and additional steps you can take to further protect your privacy We are providing information on free credit monitoring with this notice and we will be giving you a new Medicare card with a new Medicare NumberppYour current Medicare benefits or coverage are not affected as a result of this incidentppWhat HappenedppOn July 8 2024 WPS notified CMS that files containing protected health information such as Medicare claims data and related personally identifiable information collectively Personal Information was compromised in a cybersecurity incident involving MOVEit A vulnerability in the MOVEit software made it possible between May 27 through 31 2023 for unauthorized third parties to gain access to Personal Information that was transferred using MOVEitppProgress Software the developer of MOVEit discovered and disclosed the vulnerability in the MOVEit software to the public on May 31 2023 Progress Software released a software patch to fix the vulnerability WPS applied the patch and investigated the potential impact of the vulnerability on its systems However in the 2023 investigation WPS did not observe any evidence that an unauthorized party obtained copies of files that were within the WPS MOVEit applicationppIn May 2024 acting on new information WPS conducted an additional review of its MOVEit file transfer system with the assistance of a thirdparty cybersecurity firm WPS confirmed that it had successfully patched the MOVEit vulnerability in early June 2023 after which there was no evidence of further activity by an unauthorized third party However the review also indicated that before Progress Software released the patch an unauthorized third party copied files from WPSs MOVEit file transfer system In coordination with law enforcement WPS evaluated some of those impacted files That portion of impacted files did not contain any Personal Information On July 8 2024 when evaluating a different portion of the impacted files WPS determined that some of the files contained Personal Information at which point it informed CMS We are sending you this letter to notify you that your Personal Information was contained in the impacted filesppCMS and WPS are not aware of any reports of identity fraud or improper use of your Personal Information as a direct result of this incident however we are taking this opportunity to notify you so that if you wish to do so you can take advantage of the information and resources referenced in this noticeppWhat Information Was InvolvedppWe have determined that your Personal Information was present in certain files involved in this incident This information may have included the followingppWhat Are We DoingppCMS is continuing to investigate this incident in coordination with WPS and will take all appropriate actions to safeguard the information entrusted to CMS The investigation includes collaboration among CMS WPS and law enforcement agencies as well as cybersecurity forensic consultants We are also providing you with the information in this notice so that you can take advantage of the resources referenced in the following section entitled What You Can DoppWhat Can You Dopp 1 Enroll in Experian Identity Protection Monitoring ServicesppWPS is offering a complimentary 12 months of credit monitoring and other services from Experian at no cost to you You do not need to use your credit card or any other form of payment to enroll in the service See the enclosed attachment for additional information on the complementary services and protections available to youpp 2 Obtain a Free Credit ReportppUnder federal law you are entitled to one free credit report every 12 months from each of the three major nationwide credit reporting companies listed above Call 18773228228 or request your free credit reports online at wwwannualcreditreportcom When you receive your credit reports review them for problems Identify any accounts you didnt open or inquiries from creditors that you did not authorize Verify all information is correct If you have questions or notice incorrect information contact the credit reporting companyppEven if you dont find any suspicious activity on your initial credit reports the Federal Trade Commission FTC recommends that you still check your credit reports periodically Checking your credit report periodically can help you spot problems and address them quicklyppIf you find suspicious activity on your credit reports or have reason to believe your information is being misused call your local law enforcement agency and file a police report Be sure to obtain a copy of the police report as many creditors will want the information it contains to absolve you of the fraudulent debts You may also file a complaint with the FTC by contacting them on the web at wwwftcgovidtheft by phone at 1877IDTHEFT 18774384338 or by mail at Federal Trade Commission Consumer Response Center 600 Pennsylvania Avenue NW Washington DC 20580 Your complaint will be added to the FTCs Identity Theft Data Clearinghouse where it will be accessible to law enforcement for their investigations In addition you may obtain information from the FTC about fraud alerts and security freezespp 3 Continue to Use Your Existing Medicare CardppAt this time we are not aware of any reports of identity fraud or improper use of your information as a direct result of this incident However if your MBI was potentially affected a new Medicare card with a new number will be issued to you CMS will mail the new card to your address in the coming weeks In the meantime you can continue to use your existing Medicare card After you get your new card you shouldpp a Follow the instructions in the letter that comes with your new cardpp b Destroy your old Medicare cardpp c Inform your providers that you have a new Medicare NumberppFor More InformationppWe take the privacy and security of your Medicare information very seriously CMS and WPS apologize for the inconvenience this incident might have caused youppIf you have any further questions regarding this incident please call the Experian dedicated and confidential tollfree response line at 8339315700 This response line is staffed with professionals familiar with this incident who know what you can do to help protect against misuse of your information The response line is available Monday through Friday from 8 am 8 pm Central Time excluding major US holidays Be prepared to provide your engagement number B130492ppYou can also call 1800MEDICARE 18006334227 with any general questions or concerns about MedicareppSincerely ppWPS Medicare Privacy OfficerppppGet CMS news at cmsgovnewsroom sign up for CMS news via email and follow CMS on X Formerly Twitter CMSgovppCMS News and Media Group
Catherine Howden Director
Media Inquiries Form
2026906145ppSign up to get the latest information about your choice of CMS topics You can decide how often to receive updatesppA federal government website managed and paid for by the US Centers for Medicare Medicaid Servicespp7500 Security Boulevard Baltimore MD 21244p
