Medicare Recipients Get New Cards After Data Breach

More than 100,000 Medicare beneficiaries will receive new cards and numbers due to what has been labeled as “data incidents” by their representatives.

The Centers for Medicare and Medicaid Services (CMS) mentioned that they have discovered “suspicious activities” related to the fraudulent creation of Medicare accounts. This occurred through the use of personal details that were “retrieved from an unknown external source.” Reports indicate that between 2023 and 2025, cybercriminals created new accounts fraudulently, using valid beneficiary information like coverage start dates, names, birth dates, and postal codes.

This stolen information could potentially provide access to a beneficiary’s mailing address, provider details, diagnostic codes, services provided, premium information, and service dates.

103,000 Accounts Impacted

About 103,000 affected accounts have now been deactivated, and those whose information may have been compromised have been informed.

According to CMS, “The protection and security of personally identifiable information is paramount.” They have ensured that those impacted will receive new Medicare cards and numbers, clarifying that Medicare benefits remain intact and there have been no reported cases of identity theft resulting from this breach.

Following significant scrutiny, CMS stated that they have disabled all unauthorized accounts on Medicare.gov, halted the creation of new accounts from foreign IP addresses, and mailed out new Medicare cards where necessary.

Beneficiaries are advised to keep an eye on their statements for any signs of identity theft and to report suspicious activities to 1-800 Medicare or their Inspector’s office.