HHS-OIG leads probe into healthcare.gov hacking

Sep 25, 2014

The website was breached on July 8 but no consumer information was taken

The U.S. Department of Health & Human Services (HHS) Office of Inspector General is coordinating with other law enforcement agencies to investigate an apparent hacking of healthcare.gov.

The federal health insurance website was breached on July 8 but no consumer information was taken, according to the Wall Street Journal.

However hackers installed software that could have been used to launch attacks on other websites, HHS officials told the newspaper.

The U.S. Department of Homeland Security confirmed the attack was confined to a single server that had been used for testing and contained no personal information such as names or Social Security numbers. The component did not have a firewall or intrusion detection software.

The intrusion was detected August 25 during a manual scan of system records by technicians, according to HHS.

HHS says the federal insurance portal did not appear to be specifically targeted. Instead, the agency believes, hackers were probing various government websites looking for potential weaknesses.

Hacking of government websites is common, HHS acknowledges. The July incident is believed to be the first successful intrusion into healthcare.gov.

READ: Healthcare.gov full of holes.

Healthcare.gov full of holes Healthcare.gov full of holes

x