https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617674#M11745 <P><a href="https://community.aarp.org/t5/user/viewprofilepage/user-id/300286">@GailL1</a>&nbsp;, NO pressure to reply but are you saying NOT everyone is going to be contacted? Thanks for posting this as this is the 1st I am hearing about this. Happy 4th!!!</P> Fri, 04 Jul 2025 21:09:02 GMT SummerOnTheWay1 2025-07-04T21:09:02Z https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617633#M11743 <P>Just FYI in case you get one of these notifications or a new Medicare card.</P><P><A href="https://www.cms.gov/newsroom/press-releases/cms-notifies-individuals-potentially-impacted-data-incident" target="_blank" rel="noopener">CMS.gov 06/30/2025 - News Release - CMS Notifies Individuals Potentially Impacted by Data Incident</A>&nbsp;</P><P>&nbsp;</P><P>from the link ~</P><P><SPAN><STRONG>What Happened?</STRONG>&nbsp;</SPAN></P><P><SPAN>On May 2, 2025, CMS’ call center began receiving inquiries from beneficiaries who received letters confirming the creation of Medicare.gov accounts they did not initiate. CMS promptly launched an investigation and discovered that malicious actors had fraudulently created new accounts between 2023 and 2025 using valid beneficiary information, including Medicare Beneficiary Identifiers (MBI), coverage start date, last name, date of birth, and zip code.&nbsp;</SPAN></P><P><SPAN>Once these unauthorized accounts were established, bad actors may have accessed additional beneficiary data, including:&nbsp;</SPAN></P><UL><LI><SPAN>Provider information</SPAN></LI><LI><SPAN>Mailing address</SPAN></LI><LI><SPAN>Dates of service</SPAN></LI><LI><SPAN>Diagnosis codes</SPAN></LI><LI><SPAN>Services received</SPAN></LI><LI><SPAN>Plan premium details</SPAN></LI></UL><P><SPAN>CMS is not aware of any reports of identity fraud or misuse of the information as a direct result of this activity. Nevertheless, out of an abundance of caution, CMS is taking proactive steps to safeguard beneficiary information.</SPAN></P><P><SPAN>=============</SPAN></P><P><SPAN>The news release goes on to say what CMS is doing to correct this -</SPAN></P><P>also from the link~</P><P>&nbsp;</P><P><SPAN><STRONG>What Can Beneficiaries Do?</STRONG></SPAN></P><P><SPAN>Beneficiaries are encouraged to:&nbsp;</SPAN></P><UL><LI><SPAN>Review Medicare Summary Notices and Explanation of Benefits for any unfamiliar charges or services.</SPAN></LI><LI><SPAN>Report any suspicious activity to <A href="tel:1-800-MEDICARE" target="_blank" rel="noopener">1-800-MEDICARE</A> (<A href="tel:1-800-633-4227" target="_blank" rel="noopener">1-800-633-4227</A>) or the Office of Inspector General at oig.hhs.gov/fraud/report-fraud/.</SPAN></LI><LI><SPAN>Obtain free annual credit reports through <A href="http://www.annualcreditreport.com" target="_blank" rel="noopener">www.annualcreditreport.com</A> or by calling <A href="tel:1-877-322-8228" target="_blank" rel="noopener">1-877-322-8228</A>.</SPAN></LI><LI><SPAN>File reports with local law enforcement and/or the Federal Trade Commission by calling <A href="tel:1-877-IDTHEFT" target="_blank" rel="noopener">1-877-IDTHEFT</A> (<A href="tel:1-877-438-4338" target="_blank" rel="noopener">1-877-438-4338</A>) or online at <A href="http://www.ftc.gov/idtheft" target="_blank" rel="noopener">www.ftc.gov/idtheft</A> if any identity theft concerns arise.</SPAN></LI></UL><P><SPAN>For additional information or questions, beneficiaries can directly contact <A href="tel:1-800-MEDICARE" target="_blank" rel="noopener">1-800-MEDICARE</A> (<A href="tel:1-800-633-4227" target="_blank" rel="noopener">1-800-633-4227</A>).</SPAN></P> Fri, 04 Jul 2025 16:05:01 GMT https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617633#M11743 GailL1 2025-07-04T16:05:01Z https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617674#M11745 <P><a href="https://community.aarp.org/t5/user/viewprofilepage/user-id/300286">@GailL1</a>&nbsp;, NO pressure to reply but are you saying NOT everyone is going to be contacted? Thanks for posting this as this is the 1st I am hearing about this. Happy 4th!!!</P> Fri, 04 Jul 2025 21:09:02 GMT https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617674#M11745 SummerOnTheWay1 2025-07-04T21:09:02Z https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617678#M11746 <P><a href="https://community.aarp.org/t5/user/viewprofilepage/user-id/32699552">@SummerOnTheWay1</a>&nbsp;</P><P>Right, it will be only for those who have had a fraudulent account established by someone else. &nbsp;I am not looking at the News Release right now but I think they said a bit over 100,000 beneficiaries. &nbsp;</P><P>&nbsp;</P><P>You would know cause you would get a notice from Medicare that an account had been created and you knew you did not create it. &nbsp;Just like a bank or credit card co would do if this type of thing happened. &nbsp;</P> Fri, 04 Jul 2025 21:17:56 GMT https://community.aarp.org/t5/Medicare-Insurance/CMS-Notifying-Medicare-Beneficiaries-of-Potential-Data-Breach/m-p/2617678#M11746 GailL1 2025-07-04T21:17:56Z