The files of approximately 75,000 individuals were accessed during suspicious activity in the Affordable Care Act enrollment system, according to CMS. The agency stated it took immediate steps to secure the system.
The Direct Enrollment pathway, which was launched in 2013, enables brokers and consumers to help consumers enroll in healthcare plans on the Federally Facilitated Exchanges.
CMS began investigating the incident on Oct. 13 and declared the breach on Oct. 16. The agent and broker accounts associated with the breach were deactivated, and CMS disabled the Direct Enrollment pathway for agents and brokers, according to the agency.
“Our number one priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” CMS Administrator Seema Verma said in a statement. “I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection."