Green Room

Surprise: Officials confirm security breach on Vermont’s Obamacare exchange

posted at 4:16 pm on November 25, 2013 by

Democrats run the show in liberal Vermont, where the state government has set up a foundering and costly Obamacare exchange — free from the pervasive and insidious threat of “Republican obstructionism.”  Nothing to see here, Vermont residents:

Officials overseeing the Vermont Health Connect website confirmed Friday there was a security breach on the system last month in which one user got improper access to another user’s Social Security number and other data. A report from state to federal officials overseeing the health insurance exchanges set up under the Affordable Care Act said a consumer reported the incident with the Vermont Health Connect website on Oct. 17. The consumer, whom officials would not identify, reported that he received in the mail — from an unnamed sender — a copy of his own application for insurance under the state exchange. “On the back of the envelope was hand-written ‘VERMONT HEALTH CONNECT IS NOT A SECURE WEBSITE!’ This was also (written) on the back of the last page of the printed out application,” said the incident report. The report was prepared by Greg Needle, privacy administrator with Vermont Health Connect, and filed with the federal Centers for Medicare and Medicaid Services. The Associated Press obtained it after a request under the state public records law to the Department of Vermont Health Access. The report did not identify the individual consumers involved in the breach.

Vermont’s Obamacare chief has assured citizens that this error was isolated and has been “responded to appropriately.” So we’re all good.  Thus far, news stories on Obamacare data security breaches have involved honest citizens and IT specialists probing for weaknesses.  Might there be other characters out there exploiting unknown vulnerabilities for more nefarious purposes?  Not to worry; Kathleen Sebelius “feels like” the websites are secure, even as security experts urge the administration to take Healthcare.gov off-line until safeguards are enhanced.  And why wouldn’t people trust her casual assessment over the urgent warnings of people whose expertise lies in the realm of online security?  Suck it up and carry on, folks.  It’s not like the navigators handling your private data might be convicted felons, or anything.

Recently in the Green Room:

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

Another gift from the government to you, the taxpayer – NEARLY-GUARANTEED IDENTITY THEFT!

Enjoy!

Good Lt on November 25, 2013 at 4:26 PM

ObamaCare is like your favorite STD.

It keeps on giving….

Turtle317 on November 25, 2013 at 4:38 PM

And yet I find I don’t care because dollars to donuts the person whose identity was stolen most likely is a raging liberal. Reap-Sow, Dogs-Fleas yadda yadda yadda.

neyney on November 25, 2013 at 4:44 PM

Today we are being encouraged to enroll voluntarily.

Tomorrow, the government will hire a legion of people behind the scenes who will cull your data, build a profile and some “insurance plan” FOR you, and the next time you go to your doctor or pharmacy, you will find that you have been “flagged” and will be pressured to sign up for it. Perhaps someone will actually call you on the telephone…or ring your doorbell someday with legal authority like the census people.

Why do you think dems spent all that money and time on database building?

RushBaby on November 25, 2013 at 5:08 PM

Why do you think dems spent all that money and time on database building?

RushBaby on November 25, 2013 at 5:08 PM

And over a billion bullets!!

Deano1952 on November 25, 2013 at 5:38 PM

Fun fact: If Vermont’s Obamacare site were run by a private company, that company would now be subject under HIPAA to civil fines of $50,000 per affected user, and the DOJ would have the option of pursuing criminal charges against the company’s managers with jail terms of up to 5 years. Plus if the victims could show actual damages, they’d be able to pursue tort claims of their own. But, hey, it’s a government website, so none of that applies–it’s a 100% accountability-free environment! Way to go, Vermont!

Fabozz on November 25, 2013 at 5:42 PM

I was just going to write what Fabozz did. And that’s probably just the tip of the proverbial iceberg. I’m sure the fed is violating all manner of regulations with Zerocare.

raz0r on November 25, 2013 at 6:04 PM

And they’ve never lied or been mistaken about the ACA or the website before so of course we should believe them when they say the website “feels” secure.

talkingpoints on November 25, 2013 at 8:51 PM

“Feels like”?? What a moron!

Sherman1864 on November 25, 2013 at 9:08 PM

if you like your identity you can keep it…obmamacare

jaywemm on November 26, 2013 at 12:52 AM

Wow, who could have seen this coming?

Chris of Rights on November 26, 2013 at 8:07 AM

I love how only one identity can be confirmed to be compromised. Is that because there’s only one person actually in the system deep enough to actually have their identity in there to be stolen?

GWB on November 26, 2013 at 9:04 AM

Gotta go with KS on this one. The admin also got assurances from the Iranians that they won’t go nuclear. Kerry feels good about that, so we’re all good.

You wingnuts just don’t have the skills that brilliant Dems like Kerry and Sebelius have.

mankai on November 26, 2013 at 10:37 AM

This only happened to one person, which means that 50% of VT enrollees have been affected.

mankai on November 26, 2013 at 10:38 AM