Monday, December 30, 2013

Sebelius questioned about Obamacare site security

obamacare security hole NEW YORK (CNNMoney) At a House hearing on Wednesday, U.S. Secretary of Health Kathleen Sebelius acknowledged security concerns facing Healthcare.gov but said the site had not been hacked.

Until last week, anyone could easily reset Obamacare applicants' passwords and potentially hijack their accounts. The glitch was discovered last week by a software tester in Arizona, and CNNMoney reported the security vulnerability on Tuesday. Health spokeswoman Joanne Peters told CNNMoney that the Department of Health made key changes this week, eliminating the "theoretical vulnerability."

Sebelius rebutted incorrect assertions by Republican Congressmen that the website had been hacked.

"There was not a breach," Sebelius said. "It was a theoretical problem that was immediately fixed."

Related story: Security hole found on Obamacare website

Though the security hole was never exploited, the problem was quite real -- at least until last week. Anyone who could guess an existing user name and had a basic understanding of how to read a website's code could potentially access someone's account.

Congressman Mike Rogers, R-Mich., also asked Sebelius about the security implications of putting in so many patches and fixes. He said that adding in new computer code exposes the entire system to new risks. He also accused health officials and their many contractors of not performing a system-wide security test, a tech industry standard.

"You did not have the most basic end-to-end test on security in the system" Rogers said. "Amazon (AMZN, Fortune 500) would never do this."

When Rogers asked if the federal government would be willing to shut down the Obamacare website until such a test is done, Sebelius said no.

Related story: Obamacare site has another outage

During the hearing, Sebelius spoke at length about the website's many issues, apologized for its shortcomings and promised they would all be resolved by the end of November -- even while most of the site remained down Wednesday morning.

"Hold me accountable for the debacle. I'm responsible," she said. To top of page

1 comment:


  1. Mid-caps wrap: NATCO Pharma gains 24%
    Dollar slips as North Korea tensions rise
    Stock Advisory Company

    ReplyDelete