A government security team last month found malware on a Health and Human Services (HHS) server that supports the Obamacare website HealthCare.gov, HHS confirmed to CBS News on Thursday.
The commonplace malware was designed to launch "denial of service" attacks against other websites, HHS said, and there is no evidence any consumers' personal information was sent to any external IP address. The attack did not appear to directly target HealthCare.gov, and the server that was targeted did not contain any consumers' personal information.
HHS on Thursday briefed congressional staff about the breach, which happened in July and was discovered on August 25 during a routine review of security logs, according to the Wall Street Journal. The hacker was traced to a foreign IP address but is not believed to be a state actor, according to an HHS official.
- How Obamacare subsidies could impact your tax refund
- Google exec hired to help fix government websites
After the breach was discovered, HHS leadership and the HHS Office of the Inspector General (the agency's independent watchdog) were quickly notified about it. The Department of Homeland Security and U.S. Computer Emergency Readiness Team (U.S.-CERT) helped respond to the hack.
"We have taken measures to further strengthen security," HHS said in a statement to CBS News. The hacked server has been disconnected, and there is no evidence that the intrusion took place on other HHS servers.
Government officials are still investigating the hack. In the meantime, HHS is conducting a comprehensive review of security improvements and said that it is taking "proactive steps" to protect the HealthCare.gov.
Millions of Americans in the past year signed up for health insurance plans through HealthCare.gov, after submitting personal information like Social Security numbers and financial information to the website.
The 2015 open enrollment period begins on November 15, but HHS said that the hack should have no impact on that.