GAO: 300 cybersecurity incidents at healthcare.gov
Just before the initial debacle involving the roll-out of the Obamacare website, the Centers for Medicare and Medicaid Services certified that the site was secure. Since then, there have been questions about just how secure the site really is, given the massive amount of work performed on healthcare.gov to make it work.
Now the GAO says there have been more than 300 attempts to hack the private information of enrollees, although they can find no evidence that any of the hacks was successful.
The Web portal used by millions to get health insurance under the Affordable Care Act has logged more than 300 cybersecurity incidents and remains vulnerable to hacking, nonpartisan congressional investigators said Wednesday.
The Government Accountability Office said none of the 316 security incidents affecting HealthCare.gov appeared to have led to the release of sensitive data such as names, birth dates, addresses, Social Security numbers, and financial or other personal information.
Most of the incidents seemed to have involved probing by hackers. The incidents took place between October 2013 and March 2015.
The GAO said the administration is making progress, but it concluded that security flaws “will likely continue to jeopardize the confidentiality, integrity and availability of HealthCare.gov.”
Investigators identified weaknesses in protecting sensitive information that flows through a key part of the system called the data-services hub. Operating behind the scenes, the hub pings federal agencies to verify the personal details of consumers.
The GAO said shortcomings included insufficiently tight restrictions on “administrator privileges” that allow a user broad access throughout the system, inconsistent use of security fixes and an administrative network that was not properly secured.
The report also found “significant weaknesses” in health insurance sites operated by states, which connect to the data hub.
At the time the site went live, I wondered whether the government would ever tell consumers if the site had been hacked. I'm still wondering. With all these attempts to break into the data, I'm having trouble accepting the explanation that none of them was successful – or even that more attempts haven't been made.
The bottom line is that we can't trust the government to be open about anything having to do with Obamacare – at least, anything that doesn't advance the narrative that it's hugely successful and that people's information is safe.
Ad Free / Commenting Login
FOLLOW US ON
Recent Articles
- That Strange, Persistent, Cheering at a CEO's Murder is Proof We Are Now an Idiocracy
- North Korea is China's Proxy
- Scientific Societies Err on 'Climate Change'
- A 2025 Year of Jubilee Could End Slavery in America
- The Laken Riley Act Must Become Law
- Depopulation: A Space Odyssey
- Trump’s Incredibly High Stakes
- It’s Not Too Late to Boot Biden
- The Sinking of the USS Agility
- Culture and the Perils of Ideology
Blog Posts
- Firestorm of incompetence in Los Angeles: Water company admits their big reservoir to fight fires was bone dry
- California wildfires: Now for the arsonists and looters ... UPDATED
- Why was John Lennon’s atheist anthem ‘Imagine’ sung at Jimmy Carter’s funeral — at the late president’s request?
- Disappointment from the Supreme Court
- Scenes from a funeral
- Americans, be careful for whom you vote; your lives may depend on it
- Fact checkers upset fact checkers checked
- The farce of multiculturalism
- Fani Willis and the high cost of transparency theater
- More abortion means killing parental rights
- Socialism update: No lights in Cuba, no water in L.A.
- Let's update world maps to reflect American greatness
- Four years of Biden proves too close a shave
- Gavin Newsom actually does something right for once
- The reality of Stand Your Ground