Tech

Hackers steal data of 75,000 users after Healthcare.gov FFE breach

CMS officials says open enrollment period won't be negatively impacted by recent breach.

Written by Catalin Cimpanu, Contributor on Oct. 21, 2018

Hackers have breached a HealthCare.gov sign-up system and have gotten their hands on the personal information of roughly 75,000 people, the government said on Friday, October 19.

Security

The system is named Federally Facilitated Exchanges (FFE), and is managed by the Centers for Medicare & Medicaid Services (CMS). Healthcare insurance agents and brokers use the FFE to enroll users into Obamacare plans made available through the official HealthCare.gov portal.

The CMS said that it detected "anomalous system activity" in the FFE on October 13, 2018, last Saturday, and started an immediate investigation.

A breach was confirmed the past week, on Tuesday, October 16.

"The agent and broker accounts that were associated with the anomalous activity were deactivated, and - out of an abundance of caution - the Direct Enrollment pathway for agents and brokers was disabled," the CMS said in a press release.

The government agency says it plans to re-enable FFE direct enrollment for agents and brokers within the next seven days.

US citizens can still enroll for Obamacare health care plans via the HealthCare.gov portal or the Marketplace Call Center.

The FBI has been notified, the CMS said, and the agency plans to notify all those affected.

"We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection," said CMS Administrator Seema Verma.

"I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted," Verma added.