security

Obamacare website 'crazy vulnerable' to hackers, security risks

Saturday, January 18, 2014 by: J. D. Heyes
Tags: Obamacare, Healthcare.gov, security risks

eTrust Pro Certified

Most Viewed Articles
Popular on Facebook
The five biggest lies about Ebola being pushed by government and mass media
White House admits staging fake vaccination operation to gather DNA from the public
Why does the CDC own a patent on Ebola 'invention?'
Ultraviolet light robot kills Ebola in two minutes; why doesn't every hospital have one of these?
EXCLUSIVE: Natural News tests flu vaccine for heavy metals, finds 25,000 times higher mercury level than EPA limit for water
Irrefutable proof we are all being sprayed with poison: 571 tons of toxic lead 'chemtrailed' into America's skies every year
Truvia sweetener a powerful pesticide; scientists shocked as fruit flies die in less than a week from eating GMO-derived erythritol
Russia taking McDonald's to court, threatens countrywide shutdown
Oregon man serving prison sentence for collecting rainwater on his own property
The best way to help your body protect itself against Ebola (or any virus or bacteria)
Senator who attacked Doctor Oz over dietary supplements received over $146,000 in campaign contributions from Big Pharma mega-retailer and Monsanto
Global warming data FAKED by government to fit climate change fictions
Healthy 12-year-old girl dies shortly after receiving HPV vaccine
Ebola outbreak may already be uncontrollable; Monsanto invests in Ebola treatment drug company as pandemic spreads
HOAX confirmed: Michelle Obama 'GMOs for children' campaign a parody of modern agricultural politics
Ben & Jerry's switches to non-GMO, Fair Trade ice cream ingredients
W.H.O. contradicts CDC, admits Ebola can spread via coughing, sneezing and by touching contaminated surfaces
Elliot Rodger, like nearly all young killers, was taking psychiatric drugs (Xanax)
Delicious
(NaturalNews) It's not just glitch-prone and vague about important components of health insurance coverage, like how much it will cost. But the federal online Obamacare exchange, Healthcare.gov, is also a wet dream for hackers, despite the millions spent to "fix" it.

That's the diagnosis of a number of Web security experts who have examined the site from a hacker's perspective (these are the good guys, by the way) and found it disturbingly open to identity theft, among other calamities, as reported by the Washington Free Beacon:

The Obamacare insurance marketplace is even more vulnerable to security breaches since the administration "fixed" Healthcare.gov, according to a cyber security expert.

Health and Human Services (HHS) released a progress report
[recently] following its self-imposed Nov. 30 deadline to repair the website, saying that the "team has knocked more than 400 bug fixes and software improvements off the punch list."

The administration said that the "site capacity is stable at its intended level," though the site continued to crash....


So much for the 'security' fixes

HHS's eight-page report said nothing about the site's extensive number of security flaws - flaws that experts noted put at risk the personal information of anyone who uses it.

"It doesn't appear that any security fixes were done at all," David Kennedy, CEO of the online security firm TrustedSec, told the Beacon.

The "white hat" security expert (white hat refers to a hacker who uses their skill to test a company's websites, to find security flaws) said a number of basic security safeguards missing from Healthcare.gov that his firm identified more than a month ago still have not been implemented.

"There are a number of security concerns already with the website, and that's without even actually hacking the site, that's just a purely passive analysis of [it]," he said. "We found a number of critical exposures that were around sensitive information, the ability to hack into the site, things like that. We reported those issues and none of those appear to have been addressed at all."

Kennedy, during a congressional testimony on Nov. 19, warned Americans to stay away from the site. He told the Beacon that, since issuing his warning, the site has only gotten worse, security-wise.

"They said they implemented over 400 bug fixes," he said. "When you recode the application to fix these 400 bugs - they were rushing this out of the door to get the site at least so it can work a little bit - you're introducing more security flaws as you go along with it because you don't even check that code."

"I'm a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it's definitely something that I don't believe is secure and neither did the four individuals that testified in front of Congress," Kennedy said. "I think there's some major security concerns there around privacy and information, and they haven't even come close to being addressed, and won't be in the short term."

Top searches performed by hackers

In addition to discovering security flaws with the federal exchange, there were delinquencies found in the 14 state exchanges as well. In fact, a breach has already been reported in Vermont; a user was granted access to another user's Social Security number.

"That's a whole other front of hacking," Kennedy said. "That's what's actually going to contain all the sensitive information for residents in those states."

"States are required to notify in the event of a breach, the federal government is not," he noted. "So in the event that Healthcare.gov gets compromised and all their information gets taken out of it they don't have to notify anybody."

Kennedy predicted that the contracted team working on the federal exchange was more likely to hide the site's security discrepancies than fix them after it was revealed that the most popular searches on the site were hacking attempts.

"The top results were hacker attempts," Kennedy said. "Their fix for it wasn't, 'Hey let's restrict people from inputting malicious code into the website,' - because that's how hackers break into websites - it was, 'we're just going to completely disable that entire function completely, and not even show the search results back.'"

Sources:

http://freebeacon.com

http://www.theguardian.com

http://www.hhs.gov

Join over four million monthly readers. Your privacy is protected. Unsubscribe at any time.
comments powered by Disqus
Take Action: Support NaturalNews.com by linking back to this article from your website

Permalink to this article:

Embed article link: (copy HTML code below):

Reprinting this article:
Non-commercial use OK, cite NaturalNews.com with clickable link.

Follow Natural News on Facebook, Twitter, Google Plus, and Pinterest

Colloidal Silver

Advertise with NaturalNews...

Support NaturalNews Sponsors:

Advertise with NaturalNews...

GET SHOW DETAILS
+ a FREE GIFT

Sign up for the FREE Natural News Email Newsletter

Receive breaking news on GMOs, vaccines, fluoride, radiation protection, natural cures, food safety alerts and interviews with the world's top experts on natural health and more.

Join over 7 million monthly readers of NaturalNews.com, the internet's No. 1 natural health news site. (Source: Alexa.com)

Your email address *

Please enter the code you see above*

No Thanks

Already have it and love it!

Natural News supports and helps fund these organizations:

* Required. Once you click submit, we will send you an email asking you to confirm your free registration. Your privacy is assured and your information is kept confidential. You may unsubscribe at anytime.