Experts Say Healthcare.gov Could Be Hacked

Danielle Wiener-Bronner | The Wire | January 16, 2014

Cyber security experts are prepared to slam government officials over the embattled Obamacare website during today's Department of Health and Human Services (HHS) hearing on its "own security concerns about healthcare.gov," citing vulnerabilities they think make the site easy to hack. 

David Kennedy, the head of security consulting firm TrustedSec, told Reuters that he and others identified 20 weak points on healthcare.gov that the government has not yet resolved, even though the warning was issued months ago. According to Kennedy, the problems with the site make it susceptible to a number of security breaches. Users could see their personal information stolen by thieves, their data modified or their personal computers attacked. Hackers could also mess with the site's already fragile infrastructure.

In November, Kennedy testified with three other experts on the site's security during a Science Committee Hearing. Three out of the four witnesses said the site was so vulnerable to attack that it should be shut down. 

Kennedy has conducted "passive analysis" of healthcare.gov — which means he didn't hack into the site himself — to conclude that it would be easy to steal user information. Reuters reports: