CMS and the Wisconsin Physicians Service Insurance Corp. are notifying almost 947,000 individuals that some of their protected health information was compromised in a May 2023 security breach. The security breach involved the exploitation of a zero day vulnerability in Progress Software's MOVEit software, which was used by WPS for transferring files in connection with the services provided to the CMS. The vulnerability was discovered by Progress Software and a patch was issued on May 31, 2023, to fix the vulnerability; however, the Cl0p ransomware group had already mass exploited the vulnerability and stole files from thousands of MOVEit users in what was the biggest hack of 2023.
