On Thursday, the congressional staff was briefed by the Health and Human Services (HHS) about the systems of the HealthCare.gov website being breached and infected with malware by hackers in July.
The Attackers planted the malware in such the way that they are allowded to access the servers used for testing codes in websites, says Wall Street Journal.
However the breach occurred long back in July, it was just discovered recently on August 25th and an immediate investigation was deployed in order to determine the damage caused so far and prevent this from happening.
“The affected systems, no personal information of any of the millions of subscribers was accessed by the threat actor because it was stored on a different server”, according to the investigation.
The malware was planted not only to steel informations but also for creating a denial of service condition against other websites.
Even if the incident affected a computer system not facing the Internet, it is connected to a network of computers that can be accessed online. Moreover, malware can spread across the network and reach machines that store highly sensitive information, especially in this case.
Bloomberg reports:The attacker gained access to the server due to improper protection measures that consisted only in a default password. Because it was a test system not connected to the Internet, the officials say that the attack was not targeted.
“The attack on Healthcare.gov is yet another example of the confluence between complexity of infrastructure and lack of attention on information security. Regardless of the numerous warnings and previous issues, the basic steps to understand the environment and apply basic security controls were overlooked,” said Brandon Hoffman, CTO at RedSeal in an email message.
This incident shows the importance of security all over companies and industries, which should be strong enough to manage these attacks and in this case the security is weakest and the security breach was discovered later due to carelessness.