CMS still analyzing insurance exchange breach, promises credit protection

Federal agencies continue to investigate a massive data breach of data in information in systems supporting federal insurance exchanges, stiffening cyber defenses.

The Centers for Medicare and Medicaid Services continues analysis of the breach, suspected to have occurred on October 13. The data was contained is information systems that support federal insurance exchanges, which enable agents and brokers to assist consumers with applications for insurance coverage through the government program, which was created under the Affordable Care Act.

Also See: Insurance data compromised at Minnesota Department of Human Services

The agency confirms that it suspects that the files of 75,000 individuals were accessed. Application data that contained personally identifiable information was accessed; however the personally identifiable information did not include tax, health or banking information.



However, because individuals’ files were accessed, “affected individuals will be notified as quickly as possible through multiple channels,” the agency explains in a follow-up announcement.

“Individuals will be able to register for free credit protection and additional services to prevent and/or remediate any issues that have arisen from the use of their data, including identity monitoring services, identity theft insurance and identity restoration services.”

CMS has worked around the clock to implement new security measures to protect consumer information, and the agency also has restored services to agents and brokers to assist consumers. Prior to putting the system back online, CMS is working with the HHS Office of Inspector General and the chief information officer to improve the security of insurance exchanges.