The Centers for Medicare & Medicaid Services has announced a data breach that affects 75,000 of its users. The Centers for Medicare & Medicaid Services is tied to the government’s Healthcare.gov website and is used by insurance representatives to assist users in signing up for healthcare plans. The system is widely used by those who are specifically signing up with the Affordable Care Act signed by President Obama.
At this time, we believe that approximately 75,000 individuals’ files were accessed. While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.
“Our number one priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” said CMS Administrator Seema Verma. “I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”
The Centers for Medicare & Medicaid Services noticed “anomalous system activity” on October 13th and declared there was a breach on October 16th. The agency says they followed “standard and appropriate security and risk protocols for researching and reporting the incident.” The agency has taken steps to secure the system and notified Federal law enforcement about the incident.
We are working to address the issue, implement additional security measures, and restore the Direct Enrollment pathway for agents and brokers within the next 7 days.
The tool through which the breach occurred is only available through the currently-disabled Direct Enrollment pathway for agents and brokers. As a result, the remaining FFE enrollment channels, including HealthCare.gov and the Marketplace Call Center, remain operational.
The Centers for Medicare & Medicaid Services says the investigation is ongoing and they will update as they can.
Last Updated on October 21, 2018.