In what could be another jolt for US President Barack Obama’s dream project ‘Obamacare health insurance program’, a government cybersecurity team last week discovered that an unknown hacker or a group of hackers tried to peep into a computer server supporting the HealthCare.gov website by apparently uploading malicious files.
The Centers for Medicare and Medicaid Services, the lead Obamacare agency, on Thursday briefed about the intrusions to top congressional staff.
“The first incidence of breach occurred on July 8”, Aaron Albright, CMS spokesman, said.
According to Albright, the main objective of the hackers was not to steal personal data but to launch a distributed denial of service (DDoS) attack against other websites.
In a DDoS attack, the malwares trying to communicate with the website makes the computers with internet-connectivity so overwhelmed that they fail to handle legitimate requests and lead to crash.
“Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted. We have taken measures to further strengthen security,” Albright said.
Albright also shed out speculations that the attack would adversely impact on the second round of enrollment period, which begins on November 15, for the health coverage under the Obamacare.
Meanwhile, the CMS’s parent agency – Office of Inspector General of the Department of Health and Human Services- and the HHS leadership have been notified of the attack and sources say investigation is under process.
The Department of Homeland Security spokesperson said that the affected server has been forensically preserved by its Computer Emergency Readiness Team (US-CERT).
The agency, which is also responsible in investigating cyber attacks, said that they had identified the malware designed to launch the DDoS attack and extracted them.