Dive Brief:
- Sensitive data on nearly 1 million Medicare beneficiaries in Wisconsin was compromised last year by a ransomware group’s attack spree targeting a zero-day vulnerability in Progress Software’s MOVEit file-transfer service.
- The Centers for Medicare & Medicaid Services said in a Friday news release that its contractor Wisconsin Physicians Service Insurance Corp. was impacted by the widely exploited MOVEit vulnerability.
- The federal agency in charge of Medicare last week began notifying nearly 950,000 people that their data was compromised. Wisconsin Physicians Service Insurance notified the Centers for Medicare & Medicaid Services of the breach on July 8.
Dive Insight:
The data breach disclosure comes more than a year after a spree of attacks in May 2023 targeting the MOVEit vulnerability ballooned into the largest, most significant cyberattack of last year. Organizations impacted by the attacks are still coming forward.
The Texas Dow Employees Credit Union last month notified more than 500,000 people that their sensitive data was compromised during an attack on its MOVEit environment in late May last year. The credit union said in a filing with the office of the Maine attorney general that it discovered the breach on July 30.
The delayed notifications underscore the difficulty organizations confront in discovering breaches and attributing compromises to a root cause or source.
Wisconsin Physicians Service Insurance said it applied the patch for the MOVEit vulnerability in early June 2023 and found no evidence of compromised or stolen data at that time.
The organization said it conducted an additional review of its MOVEit system in May, acting on new information with the aid of a third-party cybersecurity firm. The investigation indicated an unauthorized third party copied files from the organization’s MOVEit environment before Progress Software released the patch.
On July 8, Wisconsin Physicians Service Insurance said it determined some of those files contained sensitive data and it notified CMS of the breach.
The scope of protected health information and personally identifiable information the breach exposed includes names, Social Security numbers, dates of birth, addresses, hospital account numbers, Medicare beneficiary identifiers and health insurance claim numbers.