Analysis & Insights

Healthcare

Health Promotion Board’s HealthHub Portal Hacked, US Centers For Medicare & Medicaid Services Suffers Breach

16 - 23 October 2018

The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation.
Cyber_News_Healthcare
The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation. The attack, which involved attempted logins using more than 27,000 unique IDs and emails, had successfully compromised 72 HealthHub accounts. HPB said that the email addresses were likely obtained from external sources, and no evidence of a breach in the Health Hub system was found. HPB has notified the affected account holders of the attack.

Additionally, the US Centers for Medicare & Medicaid Services (CMS) suffered a data breach that exposed the files of approximately 75,000 individuals. Hackers had compromised the Federally Facilitated Exchange’s Direct Enrolment pathway, which is used by agents and brokers to help customers enrol in health insurance. It remains unclear what data had been exposed. Meanwhile, the authorities have deactivated the hackers’ accounts and disabled the Direct Enrolment pathway. 

References:
[1] Multiple unauthorised log-in attempts detected on HealthHub portal: HPB
[2] U.S. CMS says 75,000 individuals' files accessed in data breach

More Weekly Cyber Newsanalysis and insights

Healthcare

Health Promotion Board’s HealthHub Portal Hacked, US Centers For Medicare & Medicaid Services Suffers Breach

16 - 23 October 2018

The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation.
Cyber_News_Healthcare
The Health Promotion Board’s (HPB) HealthHub portal had been hacked over four days between September and October. The attack was discovered after a user suspected that her account had been accessed without her authorisation. The attack, which involved attempted logins using more than 27,000 unique IDs and emails, had successfully compromised 72 HealthHub accounts. HPB said that the email addresses were likely obtained from external sources, and no evidence of a breach in the Health Hub system was found. HPB has notified the affected account holders of the attack.

Additionally, the US Centers for Medicare & Medicaid Services (CMS) suffered a data breach that exposed the files of approximately 75,000 individuals. Hackers had compromised the Federally Facilitated Exchange’s Direct Enrolment pathway, which is used by agents and brokers to help customers enrol in health insurance. It remains unclear what data had been exposed. Meanwhile, the authorities have deactivated the hackers’ accounts and disabled the Direct Enrolment pathway. 

References:
[1] Multiple unauthorised log-in attempts detected on HealthHub portal: HPB
[2] U.S. CMS says 75,000 individuals' files accessed in data breach

More Weekly Cyber Newsanalysis and insights