Security Expert Points Out Serious Flaws in Healthcare.Gov

By:  Raven Clabough
01/27/2014
       
Security Expert Points Out Serious Flaws in Healthcare.Gov

A cyber security expert has claimed that he was able to gain access to 70,000 personal records of ObamaCare enrollees in just four minutes, an announcement that is likely to be frightening to all those who have enrolled in the new healthcare program.

According to David Kennedy, CEO of TrustedSec, the information was easily obtained without even resorting to hacking. Appearing on Fox News Sunday, Kennedy explained:

There’s a technique we call passive reconnaissance which allows us to query and look at how the website operates and performs.... These type of attacks that I’m mentioning here ... is very easy to do, it’s a rudimentary type attack that doesn’t actually attack the website itself — it extracts information from it without actually having to go into the system.... Think of it this way, think of something where you have a car and the car doors are open and the windows are open and you can see inside of it, that’s basically what they allow you to do and there’s no real sophistication level here — it’s just really wide open.... And 70,000 was just one of the numbers that I was able to go up to and I stopped after that.... You know, I’m sure it’s hundreds of thousands — if not more — and it was done within about a 4 minute timeframe.

Kennedy’s announcement provoked so many concerns that Kennedy had to update his blog post to emphasize that no data was actually dumped and no hacking took place. He reiterated that he simply used basic Google tools to search the Web, a fact that likely did not assuage concerns over the security of the website.

Simply stated, healthcare.gov “fails to meet even basic security practices for protecting sensitive information of individuals and does not provide adequate levels of protection for the website itself,” he said.

Kennedy has already testified before congressional committees twice on the lack of security in the healthcare website.

Click here to read the entire article.

The JBS Weekly Member Update offers activism tips, new educational tools, upcoming events, and JBS perspective. Every Monday this e-newsletter will keep you informed on current action projects and offer insight into news events you won't hear from the mainstream media.
JBS Facebook JBS Twitter JBS YouTube JBS RSS Feed