Healthcare.gov breach compromised immigration, tax information

Julie Spitzer - Print  | 

CMS has revealed more details about the hack on an Affordable Care Act sign-up portal involving about 75,000 consumers in mid-October, according to TechCrunch.

Hackers reportedly obtained access to several brokers' and agents' Healthcare.gov accounts and "engaged in excessive searching" of the marketplace systems. Brokers and agents are granted a direct enrollment pathway to assist consumers in enrolling for healthcare coverage through the federally facilitated exchanges. CMS didn't disclose how the hackers gained access to the accounts, but said the affected accounts were immediately shut down.

According to a letter CMS sent to affected individuals dated Nov. 7, compromised data included:

Although CMS first noted the breach affected 75,000 individuals, a person familiar with the investigation told TechCrunch the count is expected to change. The stolen files also included data on children.

Healthcare.gov is the online marketplace that Americans use to enroll in health insurance plans under the Affordable Care Act. In 2018, about  11.8 million people used the website to sign up for coverage, TechCrunch said.

A spokesperson told the publication that CMS is expected to issue an update on the data breach later this week.

More articles on cybersecurity:

5 security frameworks hospitals are adopting
SamSam ransomware continues to wreak havoc on healthcare, report finds
1 in 3 ransomware attacks target healthcare companies, report suggests

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.