Expert Says Healthcare.gov Security Worse After Fix

Expert Says Healthcare.gov Security Worse After Fix

First we learn security wasn’t even built into Healthcare.gov to start with.

Now, after they “fixed” the site, we learn it’s even worse:

“It doesn’t appear that any security fixes were done at all,” David Kennedy, CEO of the online security firm TrustedSec, told the Washington Free Beacon.

Kennedy said fundamental safeguards missing from Healthcare.gov that were identified by his company more than a month ago have yet to be put in place.

security

“There are a number of security concerns already with the website, and that’s without even actually hacking the site, that’s just a purely passive analysis of [it],” he said. “We found a number of critical exposures that were around sensitive information, the ability to hack into the site, things like that. We reported those issues and none of those appear to have been addressed at all.”

After warning Americans when testifying before Congress on Nov. 19 to stay away from Healthcare.gov, Kennedy now says the situation is even worse.

“They said they implemented over 400 bug fixes,” he said. “When you recode the application to fix these 400 bugs–they were rushing this out of the door to get the site at least so it can work a little bit–you’re introducing more security flaws as you go along with it because you don’t even check that code.”

“I’m a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy said.

Only the government could take a complete failure, and make it worse.

See also:

Share this!

Enjoy reading? Share it with your friends!