Overview
- Reporters found that a public database feeding Medicare’s new provider lookup listed dozens of doctors’ Social Security numbers for weeks.
- The Washington Post downloaded the files and alerted officials, and CMS removed the data and said the flaw was fixed and safeguards were reinforced.
- CMS said incorrect provider submissions put Social Security numbers in the wrong fields and said it is tightening data checks and validation.
- The agency has not said how many records were exposed or whether it notified the affected providers, leaving key risks and follow-up steps unclear.
- The leak revived concern over a rushed rollout, past listing errors such as duplicate addresses and wrong network status, and workforce changes linked to the administration’s efficiency drive, as Democrats now press for a House investigation.