Runs On Your Cloud
No Data Sharing
No Contract Required
Explore Now
Face Verification
Address Verification
Document Verification
Age Verification
VideoIdent
Fast ID
eIDV
NFC Verification
Consent Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
Behavioural Biometrics
Device Fingerprinting
MFA
AML Screening
Business AML Screening
User Risk Assessment
Transaction Screening
Adverse Media Screening
Identity Verification
KYC
KYB
KYI
Bonus Abuse
Fraud Prevention
Deepfakes
Banking
Crypto
Fintech
Forex
Gaming
Gig Economy
Marketplace
Social Networks
Product Managers
Compliance Officers
Fraud Analyst
Global Trust Platform
Journey Builder
Vendor Comparison
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
Blind Spot Audit
Deepfake Detection
Liveness Detection
Document Originality
Document Deepfake
Events & Webinar
Podcast Studio
Spotlight Studio
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Compliance
Supported Document
About
Career
Press Release
Certifications
Partnership
Awards
Cyberhack Discloses Data on Over 600,000 Medicare Beneficiaries
A data breach in May 2023 exposed the personal information of 612,000 Medicare beneficiaries, including names, dates of birth, SSNs, insurance details, and medical history.
Maximus, an American company that manages and administers government-sponsored programs, detected an unusual activity on May 30 in the file transfer application MOVEit, used by government and commercial customers worldwide. This resulted in a far-reaching data breach that compromised the personal information of 612,000 Medicare beneficiaries, including Social Security numbers, birth dates, driver’s licence numbers, health insurance claims, medical records, and prescriptions.
An investigation led to the shutdown of MOVEit the following day. Progress Software Corporation also disclosed a vulnerability in the application at the time that “had allowed an unauthorised party to gain access to files across many organisations in both the government and private sector.”
Those whose data was compromised by the May 2023 security breach have been notified by Maximus Federal Services, the federal agency that manages Medicare, and the Centers for Medicare & Medicaid Services, the contractor that handled the breach.
As stated by the Centers for Medicare & Medicaid Services, personally identifiable information including name, SSN, tax identification number, date of birth, address, phone number, fax number, email, Medicare beneficiary identifier (MBI), licence number, SIN (State Identification Number), medical record information (such as the number of your medical record, diagnosis, dates of service, images, treatments, etc.), health insurance claim number (HICN), insurance policies, insurance subscribers, health benefits, and enrollment.
According to a Form 8-K filed with the Securities and Exchange Commission on July 26, it is estimated that Maximus’ investigation and “remediation activities” have so far cost approximately $15 million. Moreover, Maximus reported that it anticipates notifying 8 million and 11 million people of the breaches resulting from the cybersecurity hack.
Additionally, the driver’s licence database of Oregon, Siemens Energy, UCLA, and British Airways has been hacked, as well as the Office of Motor Vehicles in Louisiana. A spokesperson for the non-profit Identity Theft Resource Center (ITRC), which educates consumers about the dangers of identity theft, stated, “I don’t think we’ve gotten to the end of this rope yet. Our information is in so many different places, it’s hard to track where it is.”
Even though this incident is alarming, it is only one of 1,587 breaches reported by the ITRC so far in 2023, which places it very close to reaching the all-time high of 1,862 breaches reported in 2022.
Suggested Reads:
MIRABAUD BANK FINED $3M FOR AML FAILINGS BY DUBAI AUTHORITIES
THE US SECURITIES AND EXCHANGE COMMISSION IDENTIFIES AML FAILURES OF US BROKERAGE FIRMS
