HealthCare.gov System Breached: 75,000 Users Affected

HealthCare.gov System Breached: 75,000 Users Affected

Hackers have breached a HealthCare.gov sign-up form, stealing the personal data of nearly 75,000 people.

Hackers have breached a HealthCare.gov sing-up system, stealing the personal information of nearly 75,000 people, the government said. 

The system is named Federally Facilitated Exchanges (FFE), and is managed by the Centers for Medicare & Medicaid Services (CMS). Healthcare insurance agents and brokers use the FFE to enroll users into Obamacare plans made available through the official HealthCare.gov portal. 

The CMS said it detected "anomalous system activity" in the FFE on October 13, 2018 and stated an immediate investigation. 

"The agent and broker accounts that were associated with the anomalous activity were deactivated, and - out of an abundance of caution - the Direct Enrollment pathway for agents and brokers was disabled," the CMS said in a press release.

The government agency says it plans to re-enable FFE direct enrollment for agents and brokers within the next seven days.

Ryan Wilk, VP of Customer Success for NuData Security, a Mastercard company, believes the government should be taking advantage of technology that stops an attack before it even happens.

"Online services could be made more secure using technologies that detect anomalous activity at the enrollment stage, before the attack takes place," Wilk said. "Government agencies and businesses online can protect their placements by adding security layers such as passive biometrics and behavioral analytics – and evaluate beyond the credentials. With this approach, online organizations can flag suspicious enrollments or unusual activity happening within the account, preventing an attack.”

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • Zenitel Cloud RMM

    Zenitel Cloud Remote Monitoring & Management (RMM)

    Enhance operational uptime and slash maintenance costs across multi-site environments with secure, centralized cloud-based system diagnostics and lifecycle management.

  • Squire Vulcan Combination Padlocks

    Squire Locks USA Vulcan™ Resettable Combination Padlocks

    Stop competing with flimsy, retail-grade hardware—Squire's professional-grade resettable padlocks deliver heavy-duty boron steel shackles and front-facing dials for rugged outdoor environments.