HealthCare.gov breach exposed personal details of 75,000, including partial Social Security numbers

  • A data breach at HealthCare.gov that affected roughly 75,000 people exposed personal information including the last four digits of the Social Security number, immigration status and insurance plan details.
  • "Bank account numbers, credit card numbers, or diagnosis or treatment information," was not exposed during the breach, the Department of Health and Human Services said in a letter.
  • The agency is offering free identity theft protection services to those affected.
Website for Healthcare.gov for Small Business
Source: Healthcare.gov
Website for Healthcare.gov for Small Business

A data breach at HealthCare.gov exposed personal details of roughly 75,000 people, including the last four digits of the Social Security number, immigration status and employer name, the Department of Health and Human Services said in a letter to those affected on Friday.

Last month, officials announced that the breach had occurred but did not provide information on what type of data was exposed. The breach affected an online portal used by insurance agents and brokers to search for people who have applications stored on HealthCare.gov. The hacked system was immediately shut down and "changes were made to improve security," the letter said.

The exposed data consisted of information provided on insurance applications, as well as information from other federal agencies used to confirm the application details.

"Bank account numbers, credit card numbers, or diagnosis or treatment information" were not exposed during the breach, the letter said.

Officials still do not know if the exposed information was actually accessed. Still, the agency is offering free identity theft protection services to those affected.

Open enrollment on HealthCare.gov for 2019 began on Nov. 1. "Please be assured that all information will be protected during Open Enrollment," the letter said.