Another ObamaCare enrollment period is upon us, which means the accumulated trove of personal data stored in the glitchy HealthCareDotGov website will become an even more tempting target for hackers. The test servers got hacked a while back, without anyone realizing it for almost two months… a development the Administration was not exactly eager to discuss with the public. But at least they learned from the experienced and fixed all the security flaws in the live site, right? Well…
Rep. Lamar Smith, R-Texas, chairman of the committee with jurisdiction over security of the website, said, “we’ve had hearings on the subject of the security or lack of security with the ObamaCare website and what we’ve discovered is that it seems to be easy to be hacked, the security is not secure.”
Smith isn’t the only one worrying. A security expert noted that the health care website is one of the largest federal collections of personal information ever assembled.
Security analyst David Kennedy, of a company called TrustedSec, explained, “they require first name, last name … they require your home address, require your social security number, and then payment information” — including credit card data.
That’s from Fox News, which notes high-profile hacking has been on the rise lately. The JP Morgan hack is mentioned; that was a far harder target than ObamaCare’s $2 billion pile of sloppy code would be. I would also add that some of these headline data thefts have been portrayed by Russian perpetrators as retaliation for American sanctions against Vladimir Putin’s regime. What an awesome “retaliation” a raid on HealthCareDotGov would be!
Rep. Smith does not seem reassured by the performance of ObamaCare’s security team:
Smith had concerns last fall. But in testimony, Todd Park, the former Chief Technology Officer for the administration and assistant to the president, testified last November he knew nothing about security problems.
“I’m not, uh, deeply familiar with, uh, the development testing regimen happened prior to September 1,” Park testified.
Smith, however, said he thinks security problems were known but ignored, and is issuing a subpoena for Park to come back and testify again.
“When we found out we weren’t getting all the information from him that we should and it may or may not have been accurate, that’s when we decided to issue the subpoena,” Smith said.
One security expert noted healthcare.gov is a still a huge ripe target … and that unlike the private sector, no law requires the federal government to even inform you if your information has been hacked.
Oh, I think you can make book on the Administration concealing an ObamaCare hack for as long as possible… and when they get caught, they’ll not only cite the absence of legal requirements for disclosure, they’ll pat themselves on the back for doing a good job of keeping the public from panicking and stampeding away from the People’s Glorious Health Care Plan.