CMS: MOVEit-related Maximus breach impacts up to 612K Medicare recipients

Up to 612,000 Medicare beneficiaries were noted by the Centers for Medicare and Medicaid Services to potentially have had their data compromised following the hack of federal contractor Maximus involving the widespread exploitation of a vulnerability in the MOVEit Transfer file transfer app, according to FedScoop. Such an intrusion has not affected the systems of CMS or the Department of Health and Human Services, said CMS, which added that it has been coordinating with Maximus in informing individuals whose personally identifiable information or protected health information may have been impacted by the incident, who will be given two years of free credit monitoring services. Such a disclosure comes after Maximus revealed in a filing with the Securities and Exchange Commission that data from 8 million to 11 million people may have been exposed after its network was compromised by the MOVEit hack. "We have been working with the subset of our customers who were using MOVEit as part of their workflows and continue to provide updates and support to them as our investigation proceeds. We continue to closely monitor our systems for any unusual activity," said Maximus.