CMMS
Company Details
Linkedin ID:
centers-for-medicare-&-medicaid-services
Website:
Employees number:
6,169
Number of followers:
587,848
NAICS:
92
Industry Type:
Homepage:
cms.gov
IP Addresses:
1282
Company ID:
CEN_1789392
Scan Status:
Completed
Centers for Medicare & Medicaid Services Company CyberSecurity Posture
cms.gov
The Centers for Medicare & Medicaid Services (CMS), a federal agency within the U.S. Department of Health and Human Services, is one of the largest purchasers of health care in the world. Medicare, Medicaid, the Children's Health Insurance Program (CHIP) and the Health Insurance Marketplace provide coverage for more than 160 million Americans. The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor. Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate.
Centers for Medicare & Medicaid Services A.I CyberSecurity Scoring
CMMS Risk Score (AI oriented)Between 700 and 749
CMMS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CMMS Global Score (TPRM)XXXX
CMMS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CMMS Company CyberSecurity News & History
Past Incidents
7
Attack Types
2
Centers for Medicare & Medicaid Services (CMS)
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks: Attack which causes leak of personal information of customers ( only if no ransomware )
Description: In June, two major breaches compromised over 13 million patient records. Now, a newly confirmed Medicare data breach has affected more than 100,000 Americans. Hackers accessed sensitive data linked to Medicare.gov accounts, including full names, dates of birth, ZIP codes, Medicare Beneficiary Identifiers (MBIs), Medicare coverage details, home addresses, provider and diagnosis codes, services received, and plan premium details. CMS has deactivated all affected accounts and is mailing new Medicare cards to the estimated 103,000 individuals affected. No confirmed identity theft cases have been reported yet.
Centers for Medicare & Medicaid Services (CMS)
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On September 6, CMS announced a data breach notification stemming from a security vulnerability in MOVEit, a file transfer application by Progress Software, used by the contractor WPS. This breach potentially affected the sensitive data of around 946,801 Medicare beneficiaries, compromising personal information collected for Medicare claims management and supporting CMS healthcare provider audits. The data may include PII of both Medicare beneficiaries and non-beneficiaries. The breach was detected between May 27 and 31, 2023, with CMS being notified on July 8. Affected individuals are being contacted via mail.
Centers for Medicare & Medicaid Services (CMS)
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: CMS, alongside WPS, is alerting individuals to a breach stemming from a vulnerability in MOVEit software. This incident, detected on July 8, compromised PII of Medicare beneficiaries and others, potentially impacting 946,801 people. The data breach involved information used in Medicare claim management and CMS audits. Personal information was exposed during the unauthorized access that occurred between May 27 and May 31, 2023.
Centers for Medicare & Medicaid Services (CMS)
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: CMS, in collaboration with its contractor WPS, is addressing a breach where private health information may have been exposed due to a vulnerability in MOVEit software used for Medicare administrative tasks. The incident exposed personal data of Medicare beneficiaries and additional PII for CMS audits. The breach, discovered between May 27 and May 31, 2023, affected approximately 946,801 individuals, leading to notifications being sent to those impacted.
Centers for Medicare & Medicaid Services (CMS)
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: CMS and WPS are notifying individuals of a security incident that resulted from a vulnerability in MOVEit software, leading to potential unauthorized access to personal information. This incident has potentially compromised PII of Medicare beneficiaries, impacting Medicare claims management and healthcare provider CMS audits. Approximately 946,801 people with Medicare are being affected with notifications being dispatched.
Centers for Medicare & Medicaid Services (CMS)
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In a security incident revealed by CMS and their contractor WPS, personally identifiable information (PII) of Medicare beneficiaries and others may have been compromised due to a vulnerability exploited in the MOVEit software. Information related to the management of Medicare claims and CMS healthcare provider audits was potentially accessed without authorization. This incident, affecting 946,801 individuals, was discovered to have occurred between May 27 and May 31, 2023, leading to a large-scale notification effort.
Centers for Medicare & Medicaid Services
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: CMS, along with WPS, is alerting individuals about a potential compromise of protected health information due to a security vulnerability within the MOVEit software. This third-party application's flaw permitted unauthorized access to personal data of Medicare beneficiaries and PII related to CMS healthcare provider audits between May 27 and May 31, 2023. About 946,801 Medicare recipients are being notified of the incident that involves the breach of sensitive data. The breach was brought to CMS's attention on July 8, potentially affecting the privacy of a substantial number of people.
CMMS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CMMS
Incidents vs Government Administration Industry Average (This Year)
Centers for Medicare & Medicaid Services has 53.85% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Centers for Medicare & Medicaid Services has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types CMMS vs Government Administration Industry Avg (This Year)
Centers for Medicare & Medicaid Services reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — CMMS (X = Date, Y = Severity)
CMMS cyber incidents detection timeline including parent company and subsidiaries
CMMS Company Subsidiaries
The Centers for Medicare & Medicaid Services (CMS), a federal agency within the U.S. Department of Health and Human Services, is one of the largest purchasers of health care in the world. Medicare, Medicaid, the Children's Health Insurance Program (CHIP) and the Health Insurance Marketplace provide coverage for more than 160 million Americans. The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor. Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate.
Loading...
CMMS Similar Companies
South African Revenue Service (SARS)
Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation
I WORK FOR SA
The OFFICIAL careers page for the South Australian Government. The South Australian Public Sector is the State's largest workforce. We are an employer of choice that reflects the diverse community we serve. Our people are from a range of backgrounds and vocations, from entry level, mid-career and
U.S. Department of Education
Our mission is to promote student achievement and preparation for global competitiveness by fostering educational excellence and ensuring equal access. ED is dedicated to: • Establishing policies on federal financial aid for education, and distributing as well as monitoring those funds. • Collect
UK Home Office
At the Home Office, we help to ensure that the country is safe and secure. We’ve been looking after UK citizens since 1782. We are responsible for: - working on the problems caused by illegal drug use - shaping the alcohol strategy, policy and licensing conditions - keeping the United Kingdom safe
City of Los Angeles
The City of Los Angeles employs more than 45,000 people in a wide range of careers. Visit our website for information on current openings, including regular civil service positions, exempt and emergency appointment opportunities, in addition to internships! The City of Los Angeles is a Mayor-Counci
Ministry of Health Saudi Arabia
The Ministry of Health (MOH), by way of its objectives, policies and projects included in this strategy, seeks to accomplish a promising future vision; namely, delivering best-quality integrated and comprehensive healthcare services. Carrying health conditions or health status of Saudi inhabitants t
Queensland Government
We are the largest and most diverse organisation in our state. We have more than 90 government departments and organisations providing essential services across 4000+ locations—from the Torres Strait to the Gold Coast; Mount Isa to Brisbane. We are passionate about making Queensland better through
GSA
General Services Administration (GSA) is an independent agency of the United States government established in 1949 to help manage and support the basic functioning of federal agencies. Our organization includes the Public Buildings Service (PBS), Federal Acquisition Service (FAS), and a variety of S
State of Minnesota
Minnesota State Government is the third largest employer in the state of Minnesota, employing over 50,000 diverse and talented employees in more than 100 state agencies, boards, commissions, colleges, and universities. Our workplaces can be found across the state in 86 out of 87 Minnesota counties a
.png)
CMMS CyberSecurity News
November 27, 2025 01:05 PM
Trump says he may back temporary extension of Obamacare subsidies
Trump signals possible short-term Obamacare subsidy extension while proposing direct payments to enrollees amid ongoing ACA policy shifts.
November 26, 2025 11:24 PM
Medicare Price Cuts For 15 Drugs In 2027 Likely Not As Large As CMS Estimates
Under the Inflation Reduction Act, CMS negotiated lower Medicare Part D prices for 15 drugs with 2027 costs 38%-85% lower than 2024 list...
November 26, 2025 10:11 PM
Mercy: St. Elizabeth no longer at risk of losing CMS accreditation following review
A spokesperson for Mercy Health - St. Elizabeth Youngstown Hospital shared with 21 News that the hospital is in full compliance with the...
November 26, 2025 09:41 PM
CMS Announces New Hospice Tax Fraud Initiative
The U.S. Centers for Medicare & Medicaid Services (CMS) has launched a new initiative designed to help curb fraudulent billing and tax...
November 26, 2025 08:54 PM
OIG sees potential for savings in Medicare CGM coverage
The Office of Inspector General issued a report stating that the Medicare program could save “tens of millions of dollars” in a single year...
November 26, 2025 07:21 PM
Medicare Rule on Outpatient, Ambulatory Surgical Center Rates Gets Divided Reactions
Hospital groups and patient advocacy organizations clashed over potential benefits and harms of the latest Medicare payment policies and...
November 26, 2025 07:21 PM
Trump admin unveils Medicare negotiated price cuts for 15 drugs
Medicare will get a 71% discount off the list price of Ozempic and Wegovy starting in 2027.
November 26, 2025 06:32 PM
Medicare Advantage network oversight is rare, CMS records show
Health systems often leave Medicare Advantage plans, but documents show CMS rarely warns insurers when provider networks are too thin to...
November 26, 2025 05:57 PM
CMS reports large savings from new Medicare drug price negotiations
The US regulator has reported a sharp rise in expected savings after completing its second round of Medicare drug price negotiations,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CMMS CyberSecurity History Information
Official Website of Centers for Medicare & Medicaid Services
The official website of Centers for Medicare & Medicaid Services is http://www.cms.gov.
Centers for Medicare & Medicaid Services’s AI-Generated Cybersecurity Score
According to Rankiteo, Centers for Medicare & Medicaid Services’s AI-generated cybersecurity score is 703, reflecting their Moderate security posture.
How many security badges does Centers for Medicare & Medicaid Services’ have ?
According to Rankiteo, Centers for Medicare & Medicaid Services currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Centers for Medicare & Medicaid Services have SOC 2 Type 1 certification ?
According to Rankiteo, Centers for Medicare & Medicaid Services is not certified under SOC 2 Type 1.
Does Centers for Medicare & Medicaid Services have SOC 2 Type 2 certification ?
According to Rankiteo, Centers for Medicare & Medicaid Services does not hold a SOC 2 Type 2 certification.
Does Centers for Medicare & Medicaid Services comply with GDPR ?
According to Rankiteo, Centers for Medicare & Medicaid Services is not listed as GDPR compliant.
Does Centers for Medicare & Medicaid Services have PCI DSS certification ?
According to Rankiteo, Centers for Medicare & Medicaid Services does not currently maintain PCI DSS compliance.
Does Centers for Medicare & Medicaid Services comply with HIPAA ?
According to Rankiteo, Centers for Medicare & Medicaid Services is not compliant with HIPAA regulations.
Does Centers for Medicare & Medicaid Services have ISO 27001 certification ?
According to Rankiteo,Centers for Medicare & Medicaid Services is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Centers for Medicare & Medicaid Services
Centers for Medicare & Medicaid Services operates primarily in the Government Administration industry.
Number of Employees at Centers for Medicare & Medicaid Services
Centers for Medicare & Medicaid Services employs approximately 6,169 people worldwide.
Subsidiaries Owned by Centers for Medicare & Medicaid Services
Centers for Medicare & Medicaid Services presently has no subsidiaries across any sectors.
Centers for Medicare & Medicaid Services’s LinkedIn Followers
Centers for Medicare & Medicaid Services’s official LinkedIn profile has approximately 587,848 followers.
NAICS Classification of Centers for Medicare & Medicaid Services
Centers for Medicare & Medicaid Services is classified under the NAICS code 92, which corresponds to Public Administration.
Centers for Medicare & Medicaid Services’s Presence on Crunchbase
No, Centers for Medicare & Medicaid Services does not have a profile on Crunchbase.
Centers for Medicare & Medicaid Services’s Presence on LinkedIn
Yes, Centers for Medicare & Medicaid Services maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/centers-for-medicare-&-medicaid-services.
Cybersecurity Incidents Involving Centers for Medicare & Medicaid Services
As of November 28, 2025, Rankiteo reports that Centers for Medicare & Medicaid Services has experienced 7 cybersecurity incidents.
Number of Peer and Competitor Companies
Centers for Medicare & Medicaid Services has an estimated 11,165 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Centers for Medicare & Medicaid Services ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Vulnerability.
How does Centers for Medicare & Medicaid Services detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with notifications sent to impacted individuals, and communication strategy with notification to affected individuals, and communication strategy with affected individuals are being contacted via mail, and communication strategy with notifications being dispatched to affected individuals, and containment measures with account deactivation, containment measures with issuing new medicare cards, and communication strategy with letters to affected individuals..
Incident Details
Can you provide details on each incident ?
Title: CMS and WPS Data Breach
Description: CMS, in collaboration with its contractor WPS, is addressing a breach where private health information may have been exposed due to a vulnerability in MOVEit software used for Medicare administrative tasks. The incident exposed personal data of Medicare beneficiaries and additional PII for CMS audits. The breach, discovered between May 27 and May 31, 2023, affected approximately 946,801 individuals, leading to notifications being sent to those impacted.
Date Detected: 2023-05-27 to 2023-05-31
Type: Data Breach
Attack Vector: Exploitation of a software vulnerability
Vulnerability Exploited: MOVEit software vulnerability
Title: Unauthorized Access to Protected Health Information via MOVEit Software Vulnerability
Description: CMS, along with WPS, is alerting individuals about a potential compromise of protected health information due to a security vulnerability within the MOVEit software. This third-party application's flaw permitted unauthorized access to personal data of Medicare beneficiaries and PII related to CMS healthcare provider audits between May 27 and May 31, 2023. About 946,801 Medicare recipients are being notified of the incident that involves the breach of sensitive data. The breach was brought to CMS's attention on July 8, potentially affecting the privacy of a substantial number of people.
Date Detected: 2023-07-08
Type: Data Breach
Attack Vector: Software Vulnerability
Vulnerability Exploited: MOVEit software vulnerability
Motivation: Unauthorized Access
Title: Data Breach at CMS and WPS
Description: A security incident involving the compromise of personally identifiable information (PII) of Medicare beneficiaries and others due to a vulnerability in the MOVEit software.
Date Detected: May 27, 2023
Type: Data Breach
Attack Vector: Software Vulnerability
Vulnerability Exploited: MOVEit software vulnerability
Title: CMS and WPS Data Breach
Description: CMS, alongside WPS, is alerting individuals to a breach stemming from a vulnerability in MOVEit software. This incident, detected on July 8, compromised PII of Medicare beneficiaries and others, potentially impacting 946,801 people. The data breach involved information used in Medicare claim management and CMS audits. Personal information was exposed during the unauthorized access that occurred between May 27 and May 31, 2023.
Date Detected: 2023-07-08
Type: Data Breach
Attack Vector: Vulnerability Exploitation
Vulnerability Exploited: MOVEit software vulnerability
Title: CMS Medicare Data Breach
Description: A data breach notification was issued by CMS due to a security vulnerability in MOVEit, a file transfer application by Progress Software, used by the contractor WPS. This breach potentially affected the sensitive data of around 946,801 Medicare beneficiaries, compromising personal information collected for Medicare claims management and supporting CMS healthcare provider audits.
Date Detected: 2023-05-27 to 2023-05-31
Date Publicly Disclosed: 2023-09-06
Type: Data Breach
Attack Vector: Security Vulnerability in MOVEit Application
Vulnerability Exploited: MOVEit File Transfer Application
Title: CMS and WPS Data Breach via MOVEit Software Vulnerability
Description: A security incident resulting from a vulnerability in MOVEit software led to potential unauthorized access to personal information of Medicare beneficiaries.
Type: Data Breach
Attack Vector: Software Vulnerability
Vulnerability Exploited: MOVEit software vulnerability
Motivation: Unauthorized access to personal information
Title: Medicare Data Breach
Description: A newly confirmed Medicare data breach has affected more than 100,000 Americans. Hackers accessed sensitive data linked to Medicare.gov accounts.
Date Detected: May 2025
Type: Data Breach
Attack Vector: Account Creation using Stolen Personal Data
Vulnerability Exploited: Stolen Personal Data from External Sources
Motivation: Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Medicare.gov Accounts.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CEN000091524
Data Compromised: Personal data of medicare beneficiaries, Pii for cms audits
Systems Affected: MOVEit software
Incident : Data Breach CEN000100624
Data Compromised: Protected Health Information, Personal Identifiable Information (PII)
Systems Affected: MOVEit software
Incident : Data Breach CEN001032425
Data Compromised: Personally Identifiable Information (PII)
Incident : Data Breach CEN001032925
Data Compromised: Pii of medicare beneficiaries, Information used in medicare claim management and cms audits
Incident : Data Breach CEN001033025
Data Compromised: Personal Information
Incident : Data Breach CEN001040525
Data Compromised: Personal Information, Medicare claims data
Systems Affected: MOVEit software
Operational Impact: Impact on Medicare claims management and healthcare provider CMS audits
Incident : Data Breach CEN821071225
Data Compromised: Full names, Dates of birth, Zip codes, Medicare beneficiary identifiers (mbis), Medicare coverage details, Home addresses, Provider and diagnosis codes, Services received, Plan premium details
Systems Affected: Medicare.gov Accounts
Identity Theft Risk: ['High']
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Data Of Medicare Beneficiaries, Pii For Cms Audits, , Protected Health Information, Personal Identifiable Information (Pii), , Personally Identifiable Information (PII), PII, PII of Medicare beneficiaries and non-beneficiaries, Personal Information, Personal Information, Medical Information and .
Which entities were affected by each incident ?
Incident : Data Breach CEN000091524
Entity Name: CMS (Centers for Medicare & Medicaid Services)
Entity Type: Government Agency
Industry: Healthcare
Customers Affected: 946801
Incident : Data Breach CEN000100624
Entity Name: CMS
Entity Type: Government Agency
Industry: Healthcare
Customers Affected: 946,801 Medicare recipients
Incident : Data Breach CEN001032425
Entity Name: ['CMS', 'WPS']
Entity Type: Government Agency, Contractor
Industry: Healthcare
Customers Affected: 946,801 individuals
Incident : Data Breach CEN001032925
Entity Name: Centers for Medicare & Medicaid Services (CMS)
Entity Type: Government Agency
Industry: Healthcare
Location: United States
Customers Affected: 946801
Incident : Data Breach CEN001032925
Entity Name: WPS
Entity Type: Healthcare Provider
Industry: Healthcare
Location: United States
Customers Affected: 946801
Incident : Data Breach CEN001033025
Entity Name: Centers for Medicare & Medicaid Services (CMS)
Entity Type: Government Agency
Industry: Healthcare
Customers Affected: 946,801 Medicare beneficiaries
Incident : Data Breach CEN001040525
Entity Name: CMS and WPS
Entity Type: Government Agency
Industry: Healthcare
Customers Affected: 946801
Incident : Data Breach CEN821071225
Entity Name: Centers for Medicare & Medicaid Services (CMS)
Entity Type: Government Agency
Industry: Healthcare
Location: United States
Customers Affected: 103,000
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach CEN000091524
Communication Strategy: Notifications sent to impacted individuals
Incident : Data Breach CEN000100624
Communication Strategy: Notification to affected individuals
Incident : Data Breach CEN001033025
Communication Strategy: Affected individuals are being contacted via mail
Incident : Data Breach CEN001040525
Communication Strategy: Notifications being dispatched to affected individuals
Incident : Data Breach CEN821071225
Containment Measures: Account DeactivationIssuing New Medicare Cards
Communication Strategy: Letters to Affected Individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CEN000091524
Type of Data Compromised: Personal data of medicare beneficiaries, Pii for cms audits
Number of Records Exposed: 946801
Sensitivity of Data: High
Incident : Data Breach CEN000100624
Type of Data Compromised: Protected health information, Personal identifiable information (pii)
Number of Records Exposed: 946,801
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach CEN001032425
Type of Data Compromised: Personally Identifiable Information (PII)
Number of Records Exposed: 946,801
Personally Identifiable Information: Yes
Incident : Data Breach CEN001032925
Type of Data Compromised: PII
Number of Records Exposed: 946801
Sensitivity of Data: High
Incident : Data Breach CEN001033025
Type of Data Compromised: PII of Medicare beneficiaries and non-beneficiaries
Number of Records Exposed: 946,801
Sensitivity of Data: High
Incident : Data Breach CEN001040525
Type of Data Compromised: Personal Information
Number of Records Exposed: 946801
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach CEN821071225
Type of Data Compromised: Personal information, Medical information
Number of Records Exposed: 103,000
Sensitivity of Data: High
Personally Identifiable Information: Full namesDates of birthZIP codesMedicare Beneficiary Identifiers (MBIs)Medicare coverage detailsHome addressesProvider and diagnosis codesServices receivedPlan premium details
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by account deactivation, issuing new medicare cards and .
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach CEN821071225
Recommendations: Watch for unusual account activity, Use an identity theft protection service, Secure your Medicare information, Remove personal data, Report fraud to Medicare and the FTCWatch for unusual account activity, Use an identity theft protection service, Secure your Medicare information, Remove personal data, Report fraud to Medicare and the FTCWatch for unusual account activity, Use an identity theft protection service, Secure your Medicare information, Remove personal data, Report fraud to Medicare and the FTCWatch for unusual account activity, Use an identity theft protection service, Secure your Medicare information, Remove personal data, Report fraud to Medicare and the FTCWatch for unusual account activity, Use an identity theft protection service, Secure your Medicare information, Remove personal data, Report fraud to Medicare and the FTC
References
Where can I find more information about each incident ?
Incident : Data Breach CEN001032925
Source: Cyber Incident Description
Incident : Data Breach CEN001033025
Source: CMS Announcement
Incident : Data Breach CEN821071225
Source: Fox News
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Cyber Incident Description, and Source: CMS Announcement, and Source: Fox News.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach CEN821071225
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notifications sent to impacted individuals, Notification to affected individuals, Affected individuals are being contacted via mail, Notifications being dispatched to affected individuals and Letters To Affected Individuals.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach CEN000091524
Customer Advisories: Notifications sent to impacted individuals
Incident : Data Breach CEN001040525
Customer Advisories: Notifications being dispatched to affected individuals
Incident : Data Breach CEN821071225
Customer Advisories: Monitor your Medicare.gov account for suspicious activityReport unauthorized services or charges immediately
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Notifications sent to impacted individuals, Notifications being dispatched to affected individuals, Monitor Your Medicare.Gov Account For Suspicious Activity, Report Unauthorized Services Or Charges Immediately and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach CEN821071225
Entry Point: Medicare.Gov Accounts,
Reconnaissance Period: ['Late 2023']
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach CEN000091524
Root Causes: Vulnerability in MOVEit software
Incident : Data Breach CEN001040525
Root Causes: Vulnerability in MOVEit software
Incident : Data Breach CEN821071225
Root Causes: Stolen Personal Data From External Sources,
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-05-27 to 2023-05-31.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-09-06.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal data of Medicare beneficiaries, PII for CMS audits, , Protected Health Information, Personal Identifiable Information (PII), Personally Identifiable Information (PII), PII of Medicare beneficiaries, Information used in Medicare claim management and CMS audits, , Personal Information, Personal Information, Medicare claims data, Full names, Dates of birth, ZIP codes, Medicare Beneficiary Identifiers (MBIs), Medicare coverage details, Home addresses, Provider and diagnosis codes, Services received, Plan premium details and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Medicare.gov Accounts.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Account DeactivationIssuing New Medicare Cards.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal Information, Medicare claims data, Plan premium details, Personally Identifiable Information (PII), Home addresses, Protected Health Information, Personal Identifiable Information (PII), Personal data of Medicare beneficiaries, Personal Information, Medicare Beneficiary Identifiers (MBIs), Information used in Medicare claim management and CMS audits, Full names, Medicare coverage details, PII for CMS audits, Services received, ZIP codes, Provider and diagnosis codes, Dates of birth and PII of Medicare beneficiaries.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.9M.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Report fraud to Medicare and the FTC, Secure your Medicare information, Watch for unusual account activity, Use an identity theft protection service and Remove personal data.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Fox News, CMS Announcement and Cyber Incident Description.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Notifications sent to impacted individuals, Notifications being dispatched to affected individuals and Monitor your Medicare.gov account for suspicious activityReport unauthorized services or charges immediately.
Initial Access Broker
What was the most recent reconnaissance period for an incident ?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was Late 2023.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Vulnerability in MOVEit software, Vulnerability in MOVEit software, Stolen Personal Data from External Sources.
.png)
Latest Global CVEs (Not Company-Specific)
Description
ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description
Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.
Description
Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=centers-for-medicare-&-medicaid-services' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
