So, HealthCare.gov was hacked
posted at 9:21 pm on September 4, 2014 by Mary Katharine Ham
Well, who could have seen this coming? Thankfully, at this point, the reports say there has been no release of personal information. I can’t say I’m terribly heartened:
A hacker broke into part of the HealthCare.gov insurance enrollment website in July and uploaded malicious software, according to federal officials.
Investigators found no evidence that consumers’ personal data was taken in the breach, federal officials said. The hacker appears only to have accessed a server used to test code for HealthCare.gov. The Department of Health and Human Services discovered the attack last week.
An HHS official said the attack appears to mark the first successful intrusion into the website, where millions of Americans bought insurance starting last year under the Affordable Care Act. It raised concerns among federal officials because of how easily the intruder gained access and how much damage could have occurred.
“Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted,” the Department of Health and Human Services said in a written statement. “We have taken measures to further strengthen security.”
Good news: Open enrollment begins again Nov. 15.
Well, I guess this guy saw this coming, along with anyone who was willing to recognize how shoddy this production schedule was from Day One:
Hacking expert David Kennedy told Fox’s Chris Wallace that he determined he could gain access to 70,000 personal records of Obamacare enrollees via HealthCare.gov within about 4 minutes — and it required nothing more than a standard browser, the Daily Caller reported.
“And 70,000 was just one of the numbers that I was able to go up to and I stopped after that,” he said. “You know, I’m sure it’s hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, it’s just wide open.”
“You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself,” he said…
“What we learned was that they had rushed through what we call the software development life cycle where they actually build the application,” he said on Fox.
Update: Via Guy Benson, the very depressing “Eight New Pieces of Bad ObamaCare News”