GAO: 300 cybersecurity incidents at healthcare.gov
Just before the initial debacle involving the roll-out of the Obamacare website, the Centers for Medicare and Medicaid Services certified that the site was secure. Since then, there have been questions about just how secure the site really is, given the massive amount of work performed on healthcare.gov to make it work.
Now the GAO says there have been more than 300 attempts to hack the private information of enrollees, although they can find no evidence that any of the hacks was successful.
The Web portal used by millions to get health insurance under the Affordable Care Act has logged more than 300 cybersecurity incidents and remains vulnerable to hacking, nonpartisan congressional investigators said Wednesday.
The Government Accountability Office said none of the 316 security incidents affecting HealthCare.gov appeared to have led to the release of sensitive data such as names, birth dates, addresses, Social Security numbers, and financial or other personal information.
Most of the incidents seemed to have involved probing by hackers. The incidents took place between October 2013 and March 2015.
The GAO said the administration is making progress, but it concluded that security flaws “will likely continue to jeopardize the confidentiality, integrity and availability of HealthCare.gov.”
Investigators identified weaknesses in protecting sensitive information that flows through a key part of the system called the data-services hub. Operating behind the scenes, the hub pings federal agencies to verify the personal details of consumers.
The GAO said shortcomings included insufficiently tight restrictions on “administrator privileges” that allow a user broad access throughout the system, inconsistent use of security fixes and an administrative network that was not properly secured.
![]()
The report also found “significant weaknesses” in health insurance sites operated by states, which connect to the data hub.
At the time the site went live, I wondered whether the government would ever tell consumers if the site had been hacked. I'm still wondering. With all these attempts to break into the data, I'm having trouble accepting the explanation that none of them was successful – or even that more attempts haven't been made.
The bottom line is that we can't trust the government to be open about anything having to do with Obamacare – at least, anything that doesn't advance the narrative that it's hugely successful and that people's information is safe.
FOLLOW US ON
Recent Articles
- What’s the Real Target of the Assault on Tesla?
- MAGA: Progress, Not Perfection
- Saving American Culture through ‘Counter-Spoliation’
- Anecdotes from the Time of Autism
- War Is Hell
- Deep State Anatomy and Physiology
- Sisterhood of the Traveling Pronouns
- Trump’s Tariffs: A Chance to Bring Back Lost Jobs
- Trump's Six-Point Plan for Making America Great Again
- Make IRS Sauce The Same For Both Citizen Goose and Politician Gander
Blog Posts
- Jasmine Crockett concedes she was a DEI hire, admitting ‘no experience’
- California still hasn’t economically recovered from 2020—but it’s a ‘pandemic hangover’, not Democrat policy!
- Cory Booker’s ‘pretty stunning biological feat’ was a pathetic charade
- With the border secure, Trump cleans up Biden’s excesses on parole, TPS
- Baptists and Bootleggers
- Trump’s tariffs are all about putting America first after decades of exploitation
- The Dragon slips the spotlight
- VIDEO: Trump’s tariffs are necessary and completely pro-American
- The Left is experiencing the grief cycle on a loop
- The Democrats’ superiority complex
- On Wisconsin: The pundit class fumbles (again)
- Around the world, the smart way and the dumb way to respond to Trump's tariffs
- Burning Teslas
- Senator, you talk too much
- The Atlantic's phony migrant tear-jerker about a pitiful 'Maryland father' shipped back to El Salvador falls apart