backtop


Print 37 comment(s) - last by lagomorpha.. on Jan 20 at 12:03 PM

Over 20 vulnerabilities were reported shortly after HealthCare.gov launched, but the government has neglected to address them

HealthCare.gov was a mess the first couple of months after its October launch, and while many of its issues appear to be clearing up; experts say there are gaping holes in the website's security. 
 
According to a report from Reuters, cyber security experts have called the U.S. government out on its lack of effort to fix security problems with HealthCare.gov, which were pointed out shortly after the site's launch last year.
 
David Kennedy, head of computer security consulting firm TrustedSec LLC, is leading the crusade against the government in an effort to get these security holes patched. He said that he reported over 20 vulnerabilities shortly after HealthCare.gov launched on October 1, but the government has neglected to address them. 
 
One of the first vulnerabilities Kennedy found was that hackers could easily obtain the full names and email addresses of Americans who signed up with HealthCare.gov. He said it took him five minutes to write a computer program that imported about 70,000 records in only four minutes. 
 
Further, Kennedy discovered from a fellow security researcher that hackers could upload malicious code to HealthCare.gov, allowing them to take control of other HealthCare.gov users' computers to steal and/or modify data as well as attack other computers. 
 
"These issues are alarming," said Kennedy.


[SOURCE: NBC News]

Kennedy and three other security experts first presented these security flaws at a November Science Committee hearing, where they suggested that the site be shut down immediately. 
 
The Centers for Medicare & Medicaid Services, which oversees HealthCare.gov's operations, responded by saying no threats have been detected regarding the health insurance site.  
 
"To date there have been no successful security attacks on HealthCare.gov and no person or group has maliciously accessed personally identifiable information from the site," said the federal agency. "Security testing is conducted on an ongoing basis using industry best practices to appropriately safeguard consumers' personal information."
 
For weeks after HealthCare.gov's initial launch, the site experienced slow speeds and loading messages preventing users from shopping the health insurance marketplace. 
 
Back in November, Republican investigators with the House of Representatives Energy and Commerce Committee launched an investigation of the HealthCare.gov's troubles, and found emails from the project manager back in July 2013 that warned of potential issues that could arise. HealthCare.gov project manager Henry Chao sent an email out about the site's main contractor, CGI Federal, on July 16 saying that he "needs to feel more confident they are not going to crash the plane at take-off."
 
Staff shortages, problems with contractors and software issues were among the issues discussed prior to HealthCare.gov's launch. 
 
More recently, HealthCare.gov's first contractor, CGI Federal -- which launched the site back in October -- was booted in favor of Accenture. CGI Federal's government contract for HealthCare.gov will expire February 28, 2014, and the contractor said it would not be renewed (more than likely because of all the website's problems). 
 
Accenture's new one-year contract is worth $45 million USD for the project's initial phase, with a total value of $90 million by the time it expires.

Source: Reuters



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Corrupt Administration
By TSS on 1/16/2014 5:05:32 PM , Rating: 1
So? Just vote republican next time around. I'm sure another war or 2 in some godforsaken places will clear all those problems right up (sarcasm, just incase i have to spell it out).

Don't get me wrong i got suckered in by Obama too, in 2008 when he was preaching change. That changed (oh irony) in a hurry when he appointed pretty much the same staff as Bush had (mostly (ex-)wallstreet bankers etc). I've never been one for outlandish conspiracy theories, but if there ever was a plan by some evil overlords to crush hope, Obama was certainly the one appointed to do it.

I'll still say it though, at this point we can no longer say it's the presidents fault. Wether he recieves orders from above or he's just a plain ol' idjet, doesn't make a difference. The people at fault are the people of the United States now. There's never been a time in US history where it was so blatantly obvious that neither the democratic party or the republican party represented the people anymore. Infact i saw a post on a website the other day saying the majority of americans now identify themselves as "indepentants".

So why are the cronies still in control? Where are the mass protests? The Revolution, yknow, "taxation without reprisentation" and all that? And don't throw "tea party" out there i've read their economical proposals, they're even more suicidal then Abenomics. They're definitly not out for the benifit of the common people.

Have people become too jaded because what happened to the Occupy movement? Because they where as incompetent at organising a protest as the leaders of the US are at running the country? Let's be honest here the "leaders" of the protest held their meetings in the lobby of a nearby bank, sillyest protest i've ever seen.

Honestly i've never really understood this world anyway but it seems i understand it less with each and every day as it spirals further into madness. If anything, I'd guess i'm just hoping for the same thing that everybody else is; wether it's a mass revolt or the final collapse we all know is coming, i'm just hoping it'll all end and go away.


RE: Corrupt Administration
By KCjoker on 1/16/2014 6:27:25 PM , Rating: 3
My solution is to vote out all incumbents regardless of party.


RE: Corrupt Administration
By Dorkyman on 1/17/2014 8:32:32 PM , Rating: 1
Bull. It is a guarantee that if Romney, with his many years of highly-successful business projects, had been elected instead of the great affirmative-action Narcissist, things would be designed and implemented effectively. That's how private enterprise survives--it's either efficient or it dies.

Don't lump R's with the D's on this one. The D's are simply incompetent at this kind of thing.


RE: Corrupt Administration
By powerwerds on 1/16/2014 11:26:28 PM , Rating: 2
I sympathize with your feelings of never having really understood the world anyway. I especially feel that way whenever I consider our entire political system, the people who are running it, and the decisions those people make. Lately the entire lot does seem strikingly mad.

I feel like not only are we going in the wrong direction, but the new decisions that are being made aren't such that would "right the ship," but instead are those that obviously exacerbate the problems further. Truly mad.


RE: Corrupt Administration
By Arsynic on 1/17/14, Rating: 0
"I want people to see my movies in the best formats possible. For [Paramount] to deny people who have Blu-ray sucks!" -- Movie Director Michael Bay














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki