The Centers for Medicare & Medicaid Services (CMS) and the Wisconsin Physicians Insurance Corporation have announced that 946,801 current Medicare recipients are being notified that their personal information may have been exposed during the MOVEit security incident that occurred in 2023. According to CMS, “a vulnerability in the MOVEit software made it possible, between May 27 through 31, 2023, for unauthorized third parties to gain access to Personal Information that was transferred using MOVEit.”

The information present in the files included name, social security number, date of birth, mailing address, gender, hospital account number, dates of service, and Medicare Beneficiary Identifier and/or Health Insurance Claim Number. CMS is providing credit monitoring for 12 months and has other recommendations in the event you receive a notification letter.