The Security Hot Seat: HealthCare.gov



Welcome to our newest blog feature, The Security Hot Seat. Every Monday we will put a person or organization in the Hot Seat based on the security news of the past week. We picked quite a week to kick this off!

First there was the UPS store breach, then came JP Morgan Chase. We could have put any number of Hollywood celebs in the seat with the SelfieGate incident, but given the nature of the images we felt that would have been in poor taste. Home Depot was also a clear contender given the speculation that their breach could be broader than Target’s when all is said and done. But we ultimately went with HealthCare.gov.

An outside attacker broke into the HealthCare.gov insurance website in July and uploaded malicious software on a test server, according to federal officials and reported by the Wall Street Journal last week. "Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted," HHS said in a written statement. With mid-term elections around the corner and given all their past technical woes, this was that last thing HealthCare.gov needed. Sure no data was lost (this time), but the fact that the test server was connected to the Internet, didn’t have any security software, and was protected by the default password from the manufacturer makes their security team look like a bunch of amateurs. This registration site serves almost 5 million US consumers in 36 states – better batten down those security hatches, HealthCare.gov, you are still a ripe target for hackers.

Connie Stack
Related Articles
The Security Hot Seat: Personal Device Encyption

This week' s Hot Seat features the latest issue in the debate on personal privacy vs. national security

Security Hot Seat: Chip and PIN

The Latest Payment Card Security Technology in this Week's Hot Seat

Security Hot Seat: Unpatched Drupal 7 Sites Compromised

The Open Source CMS Leader in the Hot Seat after Announcement of Widespread Compromise

Connie Stack

Connie Stack is chief marketing officer at Digital Guardian. Connie leads all aspects of the company’s global marketing efforts including strategy, messaging and positioning, brand development, demand generation, digital marketing, channel marketing, website messaging, social media strategy, and analyst and public relations.

Please post your comments here