COLUMBIA, SC (WIS) –
About a month ago, attorney Tom Dougall logged on to healthcare.gov to browse for cheaper insurance for him and his wife.
On Friday, the last thing he expected to hear on his voicemail was a man from North Carolina who says he can access all of Tom’s personal information.
Dougall says he thought it was a scam until he realized his privacy had been breached.
“I believe somehow the ACA, the Healthcare website has sent me your information, is what it looks like,” said Justin, a North Carolina man who could access Tom’s information on healthcare.gov. “I think there’s a problem with the wrong information getting to the wrong people.”
At first, Dougall didn’t know what to think.
“We received a phone call from a gentleman named Justin in North Carolina who informed me that he had gone on the healthcare.gov website and when he logged in under his log in and password, he received a document of all of my and my wife’s personal information,” Dougall said.
Dougall said he thought it was a ploy.
“Initially I was concerned because I didn’t know if this was some guy who was scamming me or if in fact this was a guy who really had my personal information,” he said.
Justin even provided proof, documents containing Tom’s personal information and screen shots of the website.
“And you can see that he’s actually signed in as Justin and it tells him he has notices about his marketplace eligibility and to download those and when he downloads it, the next screen shot shows him my personal information,” he said.
Dougall said now Justin cannot sign up for the coverage he needs because he’s been blocked by Tom’s personal information.
“We’re told constantly that it’s a secure system and it’s not, obviously,” he said.
Having lived through one security breach in the State of South Carolina with the Department of Revenue, Dougall wonders what would happen if a professional hacker tried to log on.
