Supply chain
β Supply Chain
Centers for Medicare & Medicaid Services (CMS) Third-Party Breach (September 2024)
Primary Source βIncident Details
CMS Notifies Individuals Potentially Impacted by Data Breach | CMS. The Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying people whose protected health information or other personally identifiable information (PII) may have been compromised in connection with Medicare administrative services provided by WPS. WPS is a CMS contractor that handles Medicare Part A/B claims and related services for CMS. Third-party company: Wisconsin Physicians Service Insurance Corporation (WPS).
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Wisconsin Physicians Service Insurance Corporation (WPS)
- Supply Chain Attack
- β Confirmed third-party / vendor compromise
Timeline
- 2024-09-01 Breach occurred
- 2025-05-13 Publicly disclosed