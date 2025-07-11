NEW You can now listen to Fox News articles!

Healthcare data continues to be a top target for cybercriminals. In June alone, two major breaches compromised over 13 million patient records. Now, a newly confirmed Medicare data breach has affected more than 100,000 Americans.

The Centers for Medicare & Medicaid Services (CMS) sent letters this week to those affected, confirming that hackers accessed sensitive data linked to Medicare.gov accounts.

What you need to know about the Medicare data breach

The breach traces back to suspicious activity starting in late 2023. According to CMS, cybercriminals used stolen personal data from external sources to fraudulently create Medicare.gov accounts.

That information included:

Full names

Dates of birth

ZIP codes

Medicare Beneficiary Identifiers (MBIs)

Medicare coverage details

CMS began receiving alerts in May 2025 when people reported receiving account confirmation letters for accounts they had not created. This triggered an internal investigation. Hackers not only created unauthorized accounts but, in some cases, accessed additional sensitive data such as:

Home addresses

Provider and diagnosis codes

Services received

Plan premium details

How CMS is responding

CMS has deactivated all affected accounts and is mailing new Medicare cards to the estimated 103,000 individuals affected. The agency says no confirmed identity theft cases have been reported yet. CMS stressed the action is being taken out of "an abundance of caution," but the breach raises questions about federal cybersecurity safeguards.

What happens next for those affected by the Medicare data breach

If you're one of the people affected by the Medicare data breach:

Watch your mailbox for a replacement Medicare card

for a replacement Medicare card Monitor your Medicare.gov account for suspicious activity

for suspicious activity Report unauthorized services or charges immediately

CMS is still investigating how the attackers obtained such accurate personal data and whether more individuals may be at risk.

Who's behind the Medicare data breach?

So far, CMS has not identified the attackers. However, the use of valid personal information suggests that the hackers may have obtained data from prior breaches or leaks on other platforms. This breach reveals a troubling vulnerability in the federal healthcare system, where hackers can exploit existing data to create legitimate-looking accounts and access deeply personal medical information.

5 ways you can stay safe after a Medicare data breach

Here are five important steps you can take right now to protect your Medicare information and reduce your risk of identity theft after the breach.

1. Watch for unusual account activity

Regularly check your Medicare and healthcare accounts for changes you did not make. Be cautious of unfamiliar services, charges or communications from providers you don’t recognize.

2. Use an identity theft protection service

In light of the Medicare data breach, where bad actors used valid personal details to create fake accounts, enrolling in a trusted identity theft protection service can offer an extra layer of defense. These services monitor your Social Security number, email, phone number and other sensitive data to alert you if it's being sold on the dark web or used to open fraudulent accounts.

Many top-rated services also help you freeze your credit and bank accounts and offer expert support if your identity is compromised. My top pick includes up to $1 million in identity theft insurance to cover stolen funds and legal fees, plus access to a U.S.-based fraud resolution team that helps you recover faster.

3. Secure your Medicare information

Never share your Medicare number or card details with anyone over the phone or email, unless you initiated the contact and trust the source. Treat it like a credit card.

4. Remove personal data

If you believe your information is being misused, remove it from the internet. A personal data removal service can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.

5. Report fraud to Medicare and the FTC

If you notice suspicious activity, report it directly by calling 1-800-MEDICARE (1-800-633-4227) to report Medicare fraud. Also, file a report at IdentityTheft.gov to create a recovery plan with the Federal Trade Commission (FTC). This not only helps you recover faster but also contributes to broader investigations that protect others.

Kurt’s key takeaway

This Medicare breach may not have resulted in confirmed cases of identity theft so far, but that does not mean the situation should be taken lightly or dismissed as low risk. It took malicious actors less than two years to create over 100,000 fake Medicare accounts using valid personal information, which suggests a significant weakness in how sensitive data is being protected and monitored at the federal level.

Do you think healthcare organizations are doing enough to protect your data? Let us know by writing us at Cyberguy.com/Contact

