A data breach at HealthCare.gov exposed personal details of roughly 75,000 people, including the last four digits of the Social Security number, immigration status and employer name, the Department of Health and Human Services said in a letter to those affected on Friday.
Last month, officials announced that the breach had occurred but did not provide information on what type of data was exposed. The breach affected an online portal used by insurance agents and brokers to search for people who have applications stored on HealthCare.gov. The hacked system was immediately shut down and “changes were made to improve security,” the letter said.
The exposed data consisted of information provided on insurance applications, as well as information from other federal agencies used to confirm the application details.
“Bank account numbers, credit card numbers, or diagnosis or treatment information” were not exposed during the breach, the letter said.
Officials still do not know if the exposed information was actually accessed. Still, the agency is offering free identity theft protection services to those affected.
Open enrollment on HealthCare.gov for 2019 began on Nov. 1. “Please be assured that all information will be protected during Open Enrollment,” the letter said.