Serious security flaws found in Obamacare websites in three states
Finding out what’s in it: Federal investigators have found significant security problems with the Obamacare health insurance websites in the states of California, Kentucky, and Vermont.
The GAO report examined the three states’ systems from October 2013 to March 2015 and released an abbreviated, public version of its findings last month without identifying the states. On Thursday, the GAO revealed the states’ names in response to a Freedom of Information request from the AP.
According to the GAO, one state did not encrypt passwords, potentially making it easy for hackers to gain access to individual accounts. One state did not properly use a filter to block hostile attempts to visit the website. And one state did not use the proper encryption on its servers, making it easier for hackers to get in. The report did not say which state had what problem.
According to the story, it appears that nothing has been done in two of the three states to fix the problem. Worse, the study suggests similar problems exist at other state websites.
Hey, let’s solve the problem by voting for Clinton or Sanders! Both say the solution is to give the governments that screwed up here more power, money, and control. What could go wrong?
On Christmas Eve 1968 three Americans became the first humans to visit another world. What they did to celebrate was unexpected and profound, and will be remembered throughout all human history. Genesis: the Story of Apollo 8, Robert Zimmerman's classic history of humanity's first journey to another world, tells that story, and it is now available as both an ebook and an audiobook, both with a foreword by Valerie Anders and a new introduction by Robert Zimmerman.
The ebook is available everywhere for $5.99 (before discount) at amazon, or direct from my ebook publisher, ebookit. If you buy it from ebookit you don't support the big tech companies and the author gets a bigger cut much sooner.
The audiobook is also available at all these vendors, and is also free with a 30-day trial membership to Audible.
"Not simply about one mission, [Genesis] is also the history of America's quest for the moon... Zimmerman has done a masterful job of tying disparate events together into a solid account of one of America's greatest human triumphs."--San Antonio Express-News
Finding out what’s in it: Federal investigators have found significant security problems with the Obamacare health insurance websites in the states of California, Kentucky, and Vermont.
The GAO report examined the three states’ systems from October 2013 to March 2015 and released an abbreviated, public version of its findings last month without identifying the states. On Thursday, the GAO revealed the states’ names in response to a Freedom of Information request from the AP.
According to the GAO, one state did not encrypt passwords, potentially making it easy for hackers to gain access to individual accounts. One state did not properly use a filter to block hostile attempts to visit the website. And one state did not use the proper encryption on its servers, making it easier for hackers to get in. The report did not say which state had what problem.
According to the story, it appears that nothing has been done in two of the three states to fix the problem. Worse, the study suggests similar problems exist at other state websites.
Hey, let’s solve the problem by voting for Clinton or Sanders! Both say the solution is to give the governments that screwed up here more power, money, and control. What could go wrong?
On Christmas Eve 1968 three Americans became the first humans to visit another world. What they did to celebrate was unexpected and profound, and will be remembered throughout all human history. Genesis: the Story of Apollo 8, Robert Zimmerman's classic history of humanity's first journey to another world, tells that story, and it is now available as both an ebook and an audiobook, both with a foreword by Valerie Anders and a new introduction by Robert Zimmerman.
The ebook is available everywhere for $5.99 (before discount) at amazon, or direct from my ebook publisher, ebookit. If you buy it from ebookit you don't support the big tech companies and the author gets a bigger cut much sooner.
The audiobook is also available at all these vendors, and is also free with a 30-day trial membership to Audible.
"Not simply about one mission, [Genesis] is also the history of America's quest for the moon... Zimmerman has done a masterful job of tying disparate events together into a solid account of one of America's greatest human triumphs."--San Antonio Express-News
http://www.wcax.com/story/31676525/officials-security-flaws-in-vt-health-exchange-fixed
Related:
Obamacare, “climate change”, cap and trade, and now the “prepping” of the world for a new U.N. treaty regulating ALL of the oceans of the world etc.
1. http://www.foxnews.com/world/2016/04/08/exclusive-un-starts-toward-new-control-over-worlds-oceans.html
2. http://www.foxnews.com/world/2016/04/04/kofi-annans-son-surfaces-in-offshore-accounts-document-dump.html?intcmp=ob_article_sidebar_video&intcmp=obinsite
The further surrendering of American sovereignty? Organizing the world? What could go wrong?
I could make an argument for such arrangements on one level, but where do such arrangements really lead?
From BSJ’s article: “And I feel confident that VHC is among the most secure systems that the state operates.”
Why am I not reassured that this makes it at all secure?
From Robert’s article: “Regulators said that given the number of weaknesses they discovered in just the three states studied …”
They studied only three states? Only?
Holy [ahem]! At this rate, 100% of the states have serious security problems. How is it that the state governments are so poor at security? It is like building a records office and failing to put locks on the filing cabinets … and doors. Or maybe even failing to put doors on the building.
We would expect such examples of complete incompetence to only come from a government program.
Oh, wait.
VT sucks at IT! I don’t believe them when they say it’s secure.
This is the second time they’ve created an exchange. They spent millions on the first attempt, then fired the same firm that set up the National system when they failed to get anything to work.
NO ONE was held accountable for screwing it up either. Paid them extra in fact…
When I taught computer systems for trade schools and university, there were government info workers and private industry workers in my classes. At the end of the day, most of the private industry workers took their books home and came back to class prepared. None of the government workers ever took the books off the desk until the class ended. They only wanted the certificate to evidence a new skill and support another pay raise. I think of this when reading about OPM getting hacked, and Obamacare webs are fresh meat for stealing info. Government workers don’t implement these systems, that is done by contractors, but after launching they manage/maintain the active site.
EdsHeadSciFi wrote: “Government workers don’t implement these systems, that is done by contractors …”
I agree, except that contractors tend not to implement systems that they are not paid to implement. Not only is there no return for the additional cost and complexity, it may even violate the requirements document and the contract.
I am not surprised that government workers are only looking for the certificate and not the skill. It reminds me of typical union teachers at (government-run) public schools. They get more pay for higher degrees, such as Masters Degrees, even though they will not use the additional knowledge to teach the fixed curriculum.