Official: Anthem breach didn't expose O-Care site

There is no evidence that the massive Anthem Inc. healthcare data breach spread to the federal healthcare websites, according to officials.

A spokesman for the Centers for Medicare and Medicaid Services (CMS), which oversees the sites HealthCare.gov and Medicare.gov, said the CMS systems had not been breached following the cyberattack on health insurance provider Anthem that has exposed up to 80 million customers’ personal data.

ADVERTISEMENT

“While there is no indication at this time that the attack against Anthem has impacted HealthCare.gov or Medicare.gov, we remain vigilant in responding to cybersecurity events,” said CMS spokesman Aaron Albright.

Anthem is allowed to market and sell its plans through HealthCare.gov, meaning personal data flows between the site and Anthem's systems.

The digital intrusion into Anthem's system exposed customer names, birth dates, Social Security numbers, home addresses and salary data, among other information.

HealthCare.gov's data privacy has made headlines in recent weeks, after it was revealed dozens of data-tracking companies were able to obtain information about people visiting the site, including age, location and pregnancy status.

In response, the administration added extra layers of encryption to the site to limit the amount of information outside companies could access.

The Anthem data breach is sure to raise new questions about the site’s security.

“Security is a top priority and we continually monitor, test and strengthen our security systems across all CMS programs and systems,” Albright said.

— This post was updated to clarify that HealthCare.gov's data privacy, not data security, has made headlines.