Threat actors compromised the information of 75,000 patients after breaching an ObamaCare (Affordable Care Act) enrollment portal last month.

The Centers for Medicare and Medicaid first noticed problems in the online enrollment portal available to agents and brokers October 13 and the breach was detected Thursday.

The ACA healthcare portal accessible general public was not affected by the breach. Information including Social Security numbers, income, and citizenship or immigration status may have been compromised in the breach.

Federal authorities are conducting an investigation as the breach comes just two weeks before the beginning of the annual six-week enrollment period for health coverage although Seema Verma, the administrator for the Centers for Medicare and Medicaid Services, told Fox News the “open enrollment will not be negatively impacted.”

Researchers have criticized the agency’s response to the incident.

“While there may be opportunities for criticism in any incident, CMS’ detection, response and recovery times, including a public announcement, seem to demonstrate a high level of competence,” Tripwire Vice President Tim Erlin told SC Media. “It’s clear that they’re not making up a response plan as they go here.”

Pravin Kothari, chief executive officer of CipherCloud note that healthcare has remained a popular target for data thieves. 

“The reason? Healthcare records provide the most comprehensive data set available for any individual. Stolen healthcare data facilitates identity theft and for this reason, is highly prized by cyber thieves,”Kothari said. “

Given the assumption that attackers will get into your network, it becomes essential to use new best practices that can stop reconnaissance within your network, highly limit movement within the network using segmentation, and encrypt and protect all of your data end-to-end.”