HealthCare.gov System Breached: 75,000 Users Affected

HealthCare.gov System Breached: 75,000 Users Affected

Hackers have breached a HealthCare.gov sign-up form, stealing the personal data of nearly 75,000 people.

Hackers have breached a HealthCare.gov sing-up system, stealing the personal information of nearly 75,000 people, the government said. 

The system is named Federally Facilitated Exchanges (FFE), and is managed by the Centers for Medicare & Medicaid Services (CMS). Healthcare insurance agents and brokers use the FFE to enroll users into Obamacare plans made available through the official HealthCare.gov portal. 

The CMS said it detected "anomalous system activity" in the FFE on October 13, 2018 and stated an immediate investigation. 

"The agent and broker accounts that were associated with the anomalous activity were deactivated, and - out of an abundance of caution - the Direct Enrollment pathway for agents and brokers was disabled," the CMS said in a press release.

The government agency says it plans to re-enable FFE direct enrollment for agents and brokers within the next seven days.

Ryan Wilk, VP of Customer Success for NuData Security, a Mastercard company, believes the government should be taking advantage of technology that stops an attack before it even happens.

"Online services could be made more secure using technologies that detect anomalous activity at the enrollment stage, before the attack takes place," Wilk said. "Government agencies and businesses online can protect their placements by adding security layers such as passive biometrics and behavioral analytics – and evaluate beyond the credentials. With this approach, online organizations can flag suspicious enrollments or unusual activity happening within the account, preventing an attack.”

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • A Break from Routine

    It was three years ago right about now that COVID was bringing the world to its knees. In mid-March of 2020, the president put travel restrictions on all flights in and out of Europe, the NBA suspended its season, and Tom Hanks announced that he’d tested positive for the disease—all in the same night. It was officially a national emergency two days later. Read Now

    • Industry Events
    • ISC West
  • Live From ISC West 2023 Preview

    ISC West 2023 is right around the corner! This year’s trade show is scheduled from March 28–31 at the Venetian Expo in Las Vegas, Nevada. The Campus Security & Life Safety and Security Today staff will be on hand to provide live updates about the security industry’s latest innovations, trends, and products. Read Now

    • Industry Events
    • ISC West
  • Until We Meet Again

    A short three years ago we were all pondering whether to attend any tradeshows all thanks to COVID-19. Sorry to bring that nightmare up again, but it seems that little pandemic is in the rear-view mirror, and it’s time to meet again. Read Now

    • ISC West
  • Cyber Hygiene: What it Looks Like for IoT Devices

    Cyber Hygiene: What it Looks Like for IoT Devices

    For our second pillar about the Industrial Internet of Things (IIoT) Pillars of Security, we are going to discuss what cyber hygiene looks like for IoT devices. Read Now

Featured Cybersecurity

New Products

  • ABLOY IP54-rated Integrated Dust Cover

    ABLOY IP54-rated Integrated Dust Cover

    One of the things that keep security managers on high alert is the real possibility the security locks used to safeguard their properties may unexpectedly fail due to environmental conditions. 3

  • ComNet NW1 Gen 4

    ComNet NW1 Gen 4

    ComNet, Communication Networks, is announcing the introduction of its Generation 4 line of NetWave® wireless products that offer greater performance and increased stability in applications where throughput and increased bandwidth is increasingly important. 3

  • BIO-key MobileAuth

    BIO-key MobileAuth

    BIO-key International has introduced its new mobile app, BIO-key MobileAuth™ with PalmPositive™ the latest among over sixteen strong authentication factors available for BIO-key's PortalGuard® Identity-as-a-Service (IDaaS) platform. 3