Maximus Data Breach Potentially Exposed Data of 612,000 Medicare Beneficiaries
The Centers for Medicare and Medicaid Services (CMS) notified 612,000 Medicare beneficiaries, on July 28, 2023, of a data breach in the network of a Medicare contractor, Maximus Federal Services. LeadingAge National has reported that CMS is mailing approximately 47,000 new Medicare cards with a new Medicare Beneficiary Identifier (MBI) to those affected.
Providers may receive an “invalid member ID” error code when checking Medicare eligibility, if a patient or resident's MBI has been changed. CMS recommends that providers ask the beneficiary for their new card or find the new MBI through the Medicare Administrative Contractor’s secure internet portal. The new MBI can be found using the MBI look-up tool. More information about MBI changes is available here.
Medicare beneficiaries whose personally identifiable information and/or protected health information may have been exposed are being offered free-of-charge credit monitoring services for 24 months.
Contact: Karen Lipson, klipson@leadingageny.org