Hackers successfully breached HealthCare.gov, but no consumer information was taken from the health insurance website that serves more than 5 million Americans, the Obama administration disclosed Thursday.
Instead, the hackers installed malicious software that could have been used to launch an attack on other websites from the federal insurance portal.
Health and Human Services spokesman Aaron Albright said the website component that was breached had been used for testing and did not contain consumer information, such as names, birth dates, Social Security numbers and income details.
The initial intrusion took place July 8, but it was not detected until Monday of last week during a manual scan of system logs. HHS said the component that was breached did not have a firewall, or intrusion detection software, installed on it. Technicians manually scanning logs discovered the breach Aug. 25 and took action.