A data breach of a tool used to enroll people in health care plans exposed the personal information of at least 1,094 Oregonians.
Centers for Medicare & Medicaid Services officials discovered the breach on Oct. 16. Attackers hacked into a direct enrollment tool that insurance agents and brokers use to enroll people in health insurance plans and financial assistance programs linked to HealthCare.Gov, the federal insurance marketplace.
The federal agency estimated that almost 94,000 people across the county were at risk.
State officials do not know whether the affected Oregonians were eligible or enrolled in the Oregon Health Plan, Oregon marketplace spokeswoman Elizabeth Cronen said in an email.
Oregon cannot do anything to address the breaches because the state does not operate any of the technology that was attacked, Cronen said.
“Marketplace leadership has been in contact with our federal partners at CMS regarding this breach, advocating for prompt and transparent communication to stakeholders,” Cronen said in an email.
Federal Medicare and Medicaid officials informed all affected consumers by both phone and mail.
The Centers for Medicare & Medicaid Services are offering free credit protection and additional services to “prevent and/or remediate issues arising from unauthorized use of data exposed as a result of the breach,” spokesman Jonathan Monroe said in an email. “We have been putting additional security measures in place to make sure HealthCare.gov and the Marketplace process are safe and all consumer information is protected.”
The services include identity monitoring, identity theft insurance, and identity restoration services.
Officials encouraged consumers seeking more information on protecting themselves to visit this website.