A Health Care Hacking

Eyeglasses with newspaper and coffee cup

We knew it was bound to happen sometime; we just didn’t know it would take the feds six weeks to discover it. The Wall Street Journal reported[1] Thursday that the Obamacare insurance website, HealthCare.gov, was hacked in July. But it took officials at the Department of Health and Human Services (HHS) until the end of August to discover the uploaded malicious software.

Officials have been quick to assure the public that there is no evidence that consumers’ personal data was harmed during the security breach. They’ve also, unsurprisingly, tried to downplay the hacking as much as possible. One senior DHS official even said “If this happened anywhere other than HealthCare.gov, it wouldn’t be news.”

Except it did happen at HealthCare.gov – the website where the federal government has told American consumers they must dump their very personal, private information.

The government claims the hacker did not access private information, but this is the same crowd that told us if we like our health care plan, we can keep it and we all know how that turned out. Further, the attack did occur on the server connected to more “sensitive parts of the website.” If nothing else, we know that the website is a target. That means every American on HealthCare.gov is a target.

As Rep. Joe Barton of Texas noted, “It is full of data that criminals covet. Handing private information over to the government is bad enough. People should at least know it won’t fall into the hands of
hackers.”

Security breaches have been a top concern since the early days of Obamacare design. The disastrous rollout of HealthCare.gov last year did nothing to mitigate concerns; officials can attempt to placate all they want. The security risks are real, as we now know.

Recent news has shown us just how easy it is for personal information to be stolen by hackers and disseminated into the wrong hands. Is it only a matter of time before Obamacare enrollees are next?