Obama administration officials confirmed Thursday evening that one of the heathcare.gov website servers was hacked in July, but noted that no personal information was transmitted or even viewed.
The hack was uncovered late last month.
“Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted. We have taken measures to further strengthen security,” Health and Human Services’ Kevin Griffis said in a statement, noting the server that was penetrated was a “test server.”
The server was uploaded with malware, which are designed to infiltrate other websites with a “denial of service” attack—a practice so common that it’s attempted 28 different times every hour.
Still, the hacking appears to have left healthcare.gov unharmed and ready for the second enrollment period, which begins later this year.
Cyber threats are routinely and regularly lodged against the U.S. government: in 2012, the Department of Defense and the country’s nuclear program reported they were getting 10 million attacks a day each; a few months later, President Obama penned an op-ed on the serious dangers of cyberterrorism.
“The cyber threat to our nation is one of the most serious economic and national security challenges we face,” he wrote, calling on Congress to pass legislation and noting his administration had made cybersecurity a priority.
Correction: An earlier version of this article stated the hack was late last month; in fact, it was in July. The administration uncovered the hack in late August.