A cyber security expert is expected to tell a House committee Thursday that the government’s healthcare.gov website is still dangerously vulnerable to cyber attacks from hackers, Reuters reports.
Hackers could take advantage of more than 20 vulnerabilities to steal personal information, damage the website or attack the personal computers of users on the site, David Kennedy, head of the computer security consulting firm TrustedSec LLC, told Reuters. He said the government had failed to fix issues he and others reported shortly after the site went live.
“These issues are alarming,” he told Reuters. Kennedy will join three other experts testifying before the House Science, Space and Technology Committee on Thursday.
But Teresa Fryer, chief information security officer at CMS, defended the site’s security Thursday, saying independent security contractors had found that the site met industry standards for cyber-security.
“The protections that we have put in place have successfully prevented attacks,” Fryer said in a separate House testimony Thursday. “While no serious security professional will ever guarantee that any system is hack-proof, I am confident, based on the recent security controls assessment and additional security protections, that the [site] is secure.”
Healthcare.gov is the portal through which Americans in 36 states can sign up for insurance plans under President Barack Obama’s Affordable Care Act. But the site suffered debilitating technical problems in the weeks after it launched Oct. 1. The Obama administration scrambled to repair the site, and it has reportedly worked more smoothly since December.
“To date there have been no successful security attacks on HealthCare.gov and no person or group has maliciously accessed personally identifiable information from the site,” the Centers for Medicare and Medicaid Services that oversees the site told Reuters in a statement.
[Reuters]