HealthCare.gov has revealed that it suffered a minor breach last month that exposed the data of around 75,000 people who were signing up for health insurance via the Marketplace exchange.
Open enrollment period hampered by hackers
There’s never a good time for a data breach, but open enrollment is ideally when you definitely don’t want word about hackers exploiting your system to get out!
Yet according to HealthCare.gov, hackers were able to breach a database used by insurance agents and brokers in October. The following info from 75,000 applications was exposed at that time:
- Date of birth
- Last four digits of Social Security numbers
- Tax filing status
- Expected income
- Family relationships
- Citizenship/immigrant status
- Immigration document types and numbers
- Employer name
Thankfully, among the sensitive data points not included in the leak were bank account numbers, credit card numbers and diagnosis or treatment information.
The exploit has since been patched up and HealthCare.gov will be up and running normally for the remainder of open enrollment, which began Nov. 1 and runs through Dec. 15.
“HealthCare.gov is safe to use, and the agent and broker system is now available again with additional security measures in place. You can use HealthCare.gov directly, and these same resources are available to your trusted agent or broker,” the website says.
If your info was involved in this data breach, you’ll receive a phone call informing you followed by a letter detailing the remediations that the Health Insurance Marketplace is putting into effect.
Among the concessions being made will be the usual thing about free credit and identity monitoring services.
But here’s the thing: Identity monitoring isn’t the solution. A full-blown credit freeze is what you really need!
A credit freeze effectively shuts down a criminal’s ability to open new credit in your name even if they get your personal info in a breach.