Overview
- The Washington Post downloaded a public database that feeds the new Medicare provider directory and found dozens of doctors’ Social Security numbers linked to names and other details.
- CMS said it is fixing the issue and blamed providers for entering data in the wrong fields, and the agency said it is reinforcing safeguards on data submission and validation.
- The agency has not disclosed how many people were affected or whether it has notified the providers whose numbers were exposed.
- The database had been open to the public for several weeks before reporters alerted federal officials, according to the coverage.
- The directory launched last year to help seniors find in‑network doctors, drew complaints about errors and a rushed rollout, and was tied in coverage to DOGE-led changes and reported CMS layoffs that critics say weakened oversight as a national directory beta is planned later this year.