MedicareCompareUSA Data Breach Exposes Social Security Numbers

In November 2024, MedicareCompareUSA, a Medicare insurance agency, detected suspicious activity involving certain email accounts. After securing their systems, the company launched a thorough investigation to determine the scope and impact of the incident. The investigation revealed that unauthorized access occurred between November 5 and November 21, 2024.

So far, we know at least five Massachusetts residents were impacted, according to a disclosure filed with the Massachusetts Attorney General's office on May 12, 2025.

The breach involved files containing personally identifiable information (PII), including names, dates of birth, and either Social Security numbers or individual tax identification numbers. The unauthorized access was limited to certain email accounts, and there is no indication at this time of broader system compromise or evidence that the information has been misused. However, because the exposed data includes sensitive identifiers, there is a risk of identity theft or fraud.

MedicareCompareUSA's response

Upon discovering the suspicious activity, MedicareCompareUSA acted quickly to secure its email systems and launched a comprehensive investigation. The company also implemented additional cybersecurity measures and reviewed its existing security policies to help prevent similar events in the future.

For those affected, MedicareCompareUSA is offering complimentary credit monitoring, credit reports, and credit score services for 24 months through Cyberscout, a TransUnion company specializing in fraud assistance. These services provide alerts when changes occur to a participant’s credit file, giving individuals the ability to respond quickly to any suspicious activity. MedicareCompareUSA is also providing access to proactive fraud assistance resources.

If you received a notice from MedicareCompareUSA, it is strongly recommended that you enroll in the free credit monitoring services as soon as possible, as the company cannot do this on your behalf. In addition, you should remain vigilant by reviewing your account statements, monitoring your free annual credit reports, and considering placing a fraud alert or credit freeze on your credit files if you notice any suspicious activity. For further details and enrollment instructions, refer to the notice provided by the company or contact the dedicated support line listed in your letter.