Have you heard about the massive data breach of Medicare and Medicaid participants’ information? If not, you’ll want to keep reading, learn about the potential impacts on you or your loved ones, and plan your next steps. Whether you or a loved one are on Medicare, the breach is widespread and has compromised personally identifiable information (PII). It is severe enough to take action now. Here’s a recap of what happened and what to do next.
Earlier this year, on May 30th, 2023, Maximus Federal Services, a contractor for the Centers for Medicare and Medicaid Services (CMS) program, detected “suspicious activity” in a file-transfer application known as “MOVEit,” utilized by both government and commercial customers all over the world to transfer massive amounts of data across the internet. The application shut down the next day, and an investigation was launched. It’s estimated upwards of 11 million plan participants were compromised in the breach; however, it wasn’t until July 28th that the breach was made public in a CMS press release.
Who and What Was Impacted?
Medicare, as well as the state-run Medicaid, were both critically affected. If you or a loved one have health benefits through Medicare, it’s safe to assume this information has been compromised. The following information is the most private aspect of your health record, but this is not by far all that was breached:
- Social Security number
- Medicare Beneficiary Identifier (MBI) or Health Insurance Claim Number (HICN)
- Healthcare provider and/or prescription information
- Health benefits and enrollment information
- Medical history and notes (including diagnoses, images, conditions, account numbers, treatments, dates of service, etc.)
How are Impacted Parties Notified?
Impacted parties were notified via email and US mail began at the end of July and the beginning of August. These letters explain in detail the breach, what they’re currently doing to rectify the situation, and what you can do to protect yourself. If you are enrolled in Medicare and did not receive a letter, it is better to err on the side of caution and assume your information was compromised.
What Can You Do?
The best thing you can do right now is freeze your credit. This action prevents anyone who tries to steal your identity from opening new lines of credit in your name. You can also obtain a free credit report to monitor your credit and make sure you don’t already have something suspicious on your report. Maximus is offering two years of free credit monitoring through Experian. Now is the time to take advantage of it. If your Medical Beneficiary Identifier (MBI) was affected, you’ll get a new number from Medicare, but in the interim, continue using your existing ID. Once your card and new number arrive, provide the latest information to all your providers and pharmacies. Be sure to destroy your old card and cease using your former ID.
Changing the passwords on your medical accounts is also a good idea, and make sure they’re strong and unique. Reusing weaker passwords is not good practice for cybersecurity. The MoveIt data breach affects about 60 million people overall, from Medicare to life insurance to pensions and more. Take precautions now. It’s better to be safe than sorry.
At Organized Instincts, our team of daily money managers helps you put up your defenses against this monumental data breach. Schedule a no-obligation conversation today and learn how to protect yourself and your loved ones against the potential negative impacts of living in a world where data hacks are becoming all too common.