Breach, Critical Infrastructure Security, Supply chain

CMS: Over 3.1M compromised in widespread MOVEit hack

Share
Blueprint for responding to a supply chain attack

More than 3.1 million individuals were confirmed by the Centers for Medicare & Medicaid Services to have had their information compromised as a result of the widespread MOVEit hack conducted by the Cl0p ransomware operation against Medicare admin services provider Wisconsin Physicians Service last year, according to BleepingComputer.

Such a development comes after the initial report of the agency detailing that the incident had exposed personally identifiable information from 946,801 individuals failed to account for the people who were deceased or non-beneficiaries whose data had been collected by WPS for CMS, according to a CMS spokesperson. Investigation into the breach revealed that WPS had its network infiltrated before the remediation of the vulnerable MOVEit Transfer instance, enabling the exfiltration of individuals' names, birthdates, Social Security numbers, Taxpayer Identification Numbers, mailing addresses, gender, hospital account numbers, and service dates, as well as Medicare Beneficiary Identifiers and/or Health Insurance Claim Numbers.

Related Terms

Attack Vector

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.