Medicare Directory Leak Exposes Doctors’ Social Security Numbers

In an April 30 report by The Washington Post, a federal Medicare directory linked to Trump’s DOGE initiative and meant to help seniors find doctors exposed personal data, including the Social Security numbers of several health care providers.

The database, created by the Centers for Medicare and Medicaid Services (CMS), was publicly accessible for several weeks. During that time, it showed providers’ names and other highly sensitive details. The issue came to light only after the outlet alerted federal officials.

The report stated: "The Centers for Medicare and Medicaid Services (CMS) last year created a directory to help seniors look up which doctors and medical providers accept which insurance plans, framing it as an overdue improvement and part of the Trump administration’s initiative to modernize health care technology." However, "a publicly accessible database used to populate the directory contains some of the providers’ Social Security numbers, linked to their names and other identifying information."

CMS said it is now working to fix the problem. A spokesperson explained that the leak happened because of incorrect data entries. The spokesperson said that the issue “stems from incorrect entries of provider or provider-representative-supplied information in the wrong places — essentially, that providers entered information in the wrong place and left their own Social Security numbers exposed."

The directory was launched last year as a part of an effort to modernise health care services. It was designed to help older Americans easily check which doctors accept their insurance plans. Officials had described it as a long-overdue upgrade. However, the exposure has raised concerns about data safety and system design. Experts say such sensitive information should never be stored in a way that allows public access, even by mistake.

The system was launched with inputs from tech billionaire Elon Musk. He later left the program after a public disagreement with administration officials.

Despite its goals, analysts say DOGE has not delivered clear savings for taxpayers. Some now question whether proper safeguards were in place when new systems like the Medicare directory were built.

There is no clear number yet on how many providers were affected. CMS has not said if those impacted will be notified directly. It also remains unclear if any data was misused during the exposure period.

Privacy advocates warn that even a short leak can have lasting effects. Social Security numbers can be used for identity theft and fraud. They say stronger checks are needed before launching public tools.

For now, CMS says it is reviewing the system and taking steps to prevent similar issues in the future.