The Department of Health and Human Services confirmed Thursday that Healthcare.gov experienced its first hack last month.
HHS officials said a Centers for Medicare and Medicaid Services security team noticed something odd when going through system security logs Aug. 25, weeks after the attack allegedly occurred. Looking deeper into the anomaly, the team found an intrusion in a test server used to support the health insurance Web portal.
Despite the high profile of the Healthcare.gov site, HHS officials do not believe it was a targeted attack; several other private sector and federal websites were victims as well. Likewise, HHS does not believe any personally identifiable information is at risk after the attack, which was thought to involve common malware designed to launch a denial-of-service attack against other websites. The server did not communicate externally, according to network traffic analysis.
“Today, we briefed key Congressional staff about an intrusion on a test server that supports HealthCare.gov,” Aaron Albright, director of media relations for CMS, said in a statement. “Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted. We have taken measures to further strengthen security.”
HHS has teamed with the Department of Homeland Security and the FBI, among others, to confirm the attack’s limited reach. Officials said they will continue to look into the incident and how they can better secure Healthcare.gov.
The second open enrollment period, which begins in November, will continue as planned, HHS said.