The personal information of 6,700 physicians and nurses overseen by the U.S. Surgeon General may have been compromised.
According to the Associated Press, members of the U.S. Public Health Service Commissioned Corps were informed by email that unauthenticated users could have accessed their names, dates of birth and Social Security numbers.
“Based on our investigation, affected individuals are those served by this website-based system: current, retired and former Commissioned Corps officers and their dependents," the email said.
The potential breach was discovered on Sept. 20, and the computer system has since been disabled. Investigators at HHS are still trying to determine whether the information was only exposed or actually accessed.
HHS has made internal information security a priority in recent month, with federal lawmakers proposing to create a separate CISO within the department following a breach of the FDA’s network in 2015.