Megalextoria
Retro computing and gaming, sci-fi books, tv and movies and other geeky stuff.
Home » General Discussion » News and Politics » Healthcare.gov 'may already have been compromised,' security expert says
Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend  		Switch to threaded view of this topic Create a new topic Submit Reply
Healthcare.gov 'may already have been compromised,' security expert says [message #187557] Wed, 20 November 2013 16:03
CyberkNight is currently offline  CyberkNight
Messages: 1606
Registered: July 2012
Karma: 0
Senior Member
Not only is healthcare.gov at risk, it may already have been compromised, a security expert testified before the Senate.

"Hackers are definitely after it," said David Kennedy, CEO of information security firm TrustedSEC before a House Science, Space, and Technology committee hearing on security concerns surrounding the problematic Healthcare.gov website.

"And if I had to guess, based on what I can see ... I would say the website is either hacked already or will be soon."

Kennedy told FoxNews.com he based this on an analysis revealing a large number of SQL injection attacks against the healthcare.gov website, which are indicative of "a large amount" of hacking attempts.

"Based on the exposures that I identified, and many that I haven't published due to the criticality of exposures if a hacker wanted access to the site or sensitive information they could get it," he told FoxNews.com.

A spokesman for the Department of Health and Human Services, which runs the nation's new healthcare website, did not immediately respond to a request to for more information.

One key problem facing Healthcare.gov is that security wasn't built into the site from the very beginning, he said -- an opinion shared by both Kennedy and Fred Chang, the distinguished chair in cyber security at Southern Methodist University.

"There's not a lot of security built into the site, at least that's what we can see from a 10,000 foot view," Kennedy told the committee. And although the site doesn't house medical records, it integrates deeply with other sites, includes ecommerce information, and houses a vast array of data that presents a very salient target.

"It's not only social security numbers ... it's one of the largest collections of personal data, social security and everything else, that we've ever seen," Kennedy said.

Full article: http://www.foxnews.com/tech/2013/11/19/healthcaregov-already -compromised-security-expert-says/

Megalextoria

Report message to a moderator

  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: Fed nominee Janet Yellen objects to audit of monetary meetings
Next Topic: TSA Spent $878 Million on Screening Program That Probably Doesn't Work
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Apr 19 07:40:47 EDT 2024

Total time taken to generate the page: 0.08823 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.4.
Copyright ©2001-2012 FUDforum Bulletin Board Software