The Affordable Care Act’s federal exchange system for insurance was breached and about 75,000 consumer files compromised, the Trump administration said Friday.
Suspicious activity was detected early this week in a part of the exchange system that allows agents and brokers to assist consumers with enrollment applications, the Centers for Medicare and Medicaid Services said. The exchange, Healthcare.gov, is used by most states and is where millions of people sign up for health coverage.
The breach is likely to raise concerns about the security of consumer data on the cusp of ACA’s open enrollment period, which begins Nov. 1.
“I want to make clear to the public that Healthcare.gov and the marketplace call center are still available, and open enrollment will not be negatively impacted,” CMS Administrator Seema Verma said Friday in a statement.
Healthcare.gov has been criticized since its inception as being vulnerable to cyberattacks. In 2014 the former Obama administration said a breach had occurred but that no personal consumer information was stolen. A 2015 report by the Heath and Human Services inspector general said that sensitive data on millions of consumers was being stored in a system with fundamental security risks.
Federal officials said Friday that immediate steps were taken to secure the system and that federal law enforcement was informed. An investigation was begun and the breach declared on Oct. 16.
The system for brokers and agents should be restored within seven days and all other parts of Healthcare.gov are operational, authorities said.