Healthcare.gov website suffers data breach affecting 75,000 enrollees

According to a post from the Center for Medicare and Medicaid Services, a portal associated with signing up individuals for services associated with the Affordable Care Act (colloquially known as Obamacare) was hacked. The news post from CMS indicated the following information about the data breach at the healthcare.gov portal:

Earlier this week, CMS staff detected anomalous activity in the Federally Facilitated Exchanges, or FFE’s Direct Enrollment pathway for agents and brokers. The Direct Enrollment pathway, first launched in 2013, allows agents and brokers to assist consumers with applications for coverage in the FFE.

At this time, we believe that approximately 75,000 individuals’ files were accessed. While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.

Once the breach was uncovered, the Center for Medicare and Medicaid Services, which oversees and administers the Affordable Care Act and the heathcare.gov site, took precautions to secure their network and also alerted authorities about the issue. As a result of the breach, CMS shut down the Direct Enrollment pathway but left both healthcare.gov and the Marketplace Call Center open for those who need to enroll in Obamacare. CMS stated that they are actively seeking out each individual that may be affected by the breach. They promised to work 24/7 to ensure consumer protection and also to not allow the enrollment process to be affected.

As far as CMS is concerned, the breach is a serious matter and will be rectified with a full investigation. There was no indication given in the news report as to who was thought to have been responsible for the breach and the extent that the 75,000 victims’ data had been exploited. It is also possible that the number is higher than the estimated victim count, but much more data will be likely gathered as the investigation continues. CMS also stated that it intends to reestablish the Direct Enrollment pathway within a week or so.

Featured image: Shutterstock

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Mozi botnet behind massive spike in IoT device attacks

The Mozi botnet appears to be another unintended consequence of people spending more time at…

10 hours ago

4 startups with innovative solutions to enhance customer experience

These three startups are enhancing the customer experience by solving an array of challenges across…

15 hours ago

See the light: How to avoid webcam hacking

With so many employees video conferencing from home, the webcam may be a portal to…

3 days ago

Using Intel VTune Profiler performance analyzer on Hyper-V VMs

The Intel VTune Profiler performance analyzer can do more than monitor a system’s CPU utilization.…

4 days ago

The evolution of backup: Interview with Altaro’s Simon Attard

Backup is not the glitziest part of an IT pro’s job, but it may be…

4 days ago

U.S. Department of Veterans Affairs experiences data breach

A successful cyberattack initiated by a social engineering campaign has caused a data breach at…

4 days ago