The Obama administration says hackers breached HealthCare.gov, but no consumer information was taken in the attack on the health insurance website that serves more than 5 million Americans.
Instead, hackers installed software that could have been used to launch an attack on other websites from the federal insurance portal.
Health and Human Services spokesman Aaron Albright said Thursday the website component that was breached had been used for testing and did not contain consumer information, such as names, birth dates and Social Security numbers.
The Homeland Security Department, which helps safeguard federal systems, said the scope of the attack was limited to one machine. There was no evidence an attack was launched from the tainted machine.
The breach, detected last week, was first reported by The Wall Street Journal.