Medicare portal database exposed health providers' Social Security numbers

Source: Washington Post

April 30, 2026 at 8:08 p.m. EDT


The Trump administration inadvertently exposed the Social Security numbers of health care providers in a database powering a new Medicare portal, The Washington Post found.

The Centers for Medicare and Medicaid Services (CMS) last year created a directory to help seniors look up which doctors and medical providers accept which insurance plans, framing it as an overdue improvement and part of the Trump administration’s initiative to modernize health care technology.

But a publicly accessible database used to populate the directory contains some of the providers’ Social Security numbers, linked to their names and other identifying information. For at least several weeks, CMS made the database available for public use as part of its data transparency efforts. The files are not immediately visible to users who visit the provider directory.

The Post downloaded the database and identified at least dozens of Social Security numbers belonging to health care providers while reviewing a sample of rows. CMS did not respond to questions about how many providers’ Social Security numbers were exposed, whether it had notified the individual providers and other details about the incident.

Read more: https://www.washingtonpost.com/health/2026/04/30/medicare-portal-social-security-numbers-exposed/