The United States government’s health insurance system HealthCare.gov recently suffered a data breach that resulted in the theft of thousands of patients’ records.
According to the official statement, unknown attackers breached the government portal’s sign-up system named Federally Facilitated Exchanges (FFE) and compromised around 75,000 patients’ personal data. Managed by the Centers for Medicare & Medicaid Services (CMS), the HealthCare.gov is a platform for insurance agents and brokers to enroll users in Obamacare insurance plans.
The CMS stated they discovered the suspicious activity on October 13, 2018, and notified the Federal law enforcement for an immediate investigation. On October 19, the CMS officials declared that the portal was compromised between October 13 and 16, and it is unclear what information was exposed in the unauthorized activity.
“We are working to address the issue, implement additional security measures, and restore the Direct Enrollment pathway for agents and brokers within the next 7 days,” the statement said.
The accounts connected to the data breach were deactivated and the enrolment platform was temporarily disabled. The government is enhancing the security measures of the portal and investigating to find the culprits behind the breach.
“Our number one priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” said CMS Administrator Seema Verma. “I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”