A hacker successfully breached Healthcare.gov in July and uploaded “malicious software,” MarketWatch reports, citing federal officials. However, investigators said consumers’ personal information doesn’t appear to have been compromised or stolen.
In a written statement, the Department of Health and Human Services noted that its review shows that the hacked server “did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted.” The statement also claimed that measures have been taken to “further strengthen security.”
It’s the first successful attack on Healthcare.gov, which had been plagued with glitches and other issues during its bumpy rollout.
The attack comes as the federal government and insurance companies prepare for open enrollment, which begins Nov. 15. It is likely to be seized on by Republican lawmakers, who oppose the law, in fall campaigns as another sign of the health law’s flaws. HealthCare.gov suffered from crippling technology problems when it launched in October, though the government has since improved the site.
Taken with recent data thefts from J.P. Morgan Chase & Co., Home Depot Inc., and celebrities’ iPhones, the HealthCare.gov hack further underscores that large organizations haven’t yet mastered how to secure the troves of data they collect from consumers.
Read the full report here.