Health and Wellness Informatics News

There are reports of a ransomware attack on CMS systems. The organizations are expecting PII and PHI at risk. They are also alarming the potentially targeted users and providing necessary services.

The reports suggest a ransomware attack on the vendor Healthcare Management Solutions. According to the agency, the company has also violated its obligations to CMS. This HMS scam also has the potential to reach 254,000 Medicare beneficiaries.

On 9th October, CMS got the notification of a ransomware breach in its subcontractor system yesterday. According to the contract, HMS has to resolve issues related to premium payment records and Medicare beneficiary entitlement for CMS. As mentioned in the contract, ASRC Federal Data Solutions didn’t take the Medicare claims information.

The subcontractor also provides Medicare premiums from the general public. Initially, the reports came out that Medicare beneficiary data was safe. But on October 18, the reports changed. Now, the agency is also saying that some of the 64 million beneficiaries are at risk in the security breach.

CMS notified the beneficiaries that are under the risk radar from the cyber attack. However, they send a message stating that their personally identifiable information (PII) can be in danger. Furthermore, they are also encouraging the beneficiaries to update their Medicare card with new beneficiary numbers.

The organization is assisting in the process with free-of-charge credit monitoring services. The affected beneficiaries have to inform the provider of the new Medicare card, as said in the statement.

The data breach may leak information like names; dates of birth; addresses; phone numbers; Medicare beneficiary identifiers; Social Security numbers; banking information, including routing and account numbers; and Medicare enrollment, entitlement, and premium Information.

According to the vice president of vulnerability and threat research, Mike Walters, security systems are vulnerable. The PHI data is one of the most valuable assets sold in the black market. The CMS branch also shows us how much the system is vulnerable to these ransomware threats.