This page has been archived and commenting is disabled.
HealthCare.gov Hacked
Just when one thought the embarrassment for Obamacare, and its epically flawed, bloated portal, Healthcare.gov, which according to some accounts has over 100 million lines of code, the vast majority of which did not work as it is after all a government project, could not get any worse, it just did following a report in the WSJ that the website which is reasonably expected to be the safest in the world - and at a price of over $500 million it should be the safest in the world - considering it holds not only the financial but personal and healthcare data of millions of Americans, has been hacked.
According to the WSJ, a hacker broke into part of the HealthCare.gov insurance enrollment website in July and uploaded malicious software.
Naturally, the spin doctors have been promptly activated because the last thing a scandal-ridden administration needs is a reminder of the worst website roll-out in history, and supposedly investigators found no evidence that consumers' personal data was taken in the breach, federal officials said. "The hacker appears only to have accessed a server used to test code for HealthCare.gov. The Department of Health and Human Services discovered the attack last week."
So... the website was hacked in July, and nobody learned about it until two months later? But that's ok, because "investigators" are confident nothing important was taken. Mmmk.
The humor continues:
An HHS official said the attack appears to mark the first successful intrusion into the website, where millions of Americans bought insurance starting last year under the Affordable Care Act. It raised concerns among federal officials because of how easily the intruder gained access and how much damage could have occurred.
"Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted," the Department of Health and Human Services said in a written statement. "We have taken measures to further strengthen security."
It wasn't specifically targeted, so that means it was accidentally targeted? Or was it hacked by mistake?
Speaking of hacking, Obamacare appears to be merely the latest in a long string of website intrusions, which lately have affected everyone from JPMorgan, to Home Depot, to the iPhone cloud, to virtually every single retailer.
And now the search for the culprit begins:
The White House and Congressional staff have been briefed on the matter, officials said. The Department of Homeland Security, Federal Bureau of Investigation and National Security Agency have aided the investigation, which is active. The FBI traced the attack to several Internet addresses—some overseas—but doesn't think it is the work of a state-backed actor, officials said.
"There is no indication that any data was compromised at this time," DHS spokesman S.Y. Lee said in a written statement. "DHS will continue to monitor the situation and help develop and implement precautionary mitigation strategies as necessary."
You mean there is no YouTube clip showing Putin clearly hacking Obamacare.gov in yet anoter attempt to antagonize NATO? Or, rather, not clip yet.
It goes without saying that the contents of the website are, well, quite personal.
As an insurance enrollment portal, HealthCare.gov stores deeply personal details on Americans, including Social Security numbers, financial data and names of family members. None of that appeared to gain the still unknown hacker's interest, officials said.
Not that the government would tell the truth of course. So instead what the hacker appears to have done, according to the official party line, is use Healthcare.gov as a portal to seed further attack: "Rather, investigators found that in July, the intruder did just one thing: install malware on a HealthCare.gov server so it could be used in future cyberattacks against other websites, federal officials said. Hackers often take over troves of computers and servers to direct mischief traffic at websites. The rush of traffic, known as a denial of service attack, overwhelms the site and knocks it offline."
It gets worse:
Washington officials said they are concerned that an intruder gained access to the HealthCare.gov network through a basic security flaw. The server accessed had such low security settings because it was never meant to be connected to the Internet, the HHS official said. When the hacker broke in, it was only guarded by a default password, which often is easy to crack.
"There was a door left open," the official said.
The department discovered the break in weeks later on Aug. 25 during a daily security scan. Buried amid lines of computer log files was data showing the test server had been contacted by the outside Internet, which wasn't supposed to happen.
As for the punchline, it comes as expected, from a government apparatchik: "If this happened anywhere other than HealthCare.gov, it wouldn't be news," a senior DHS official said.
Well, not really: do the names JPM, Home Depot, Target, Apple ring a bell? And speaking of healthcare.gov, a website which contains everything about a given individual, from their personal data, to their financial details, to their healthcare information, one can see why what has become the portal to socialized US healthcare should have been made a little tougher to hack than someone "accidentally" entering through an open door.
HHS said it has taken cybersecurity seriously since launching HealthCare.gov nearly a year ago. The site undergoes quarterly security audits from Blue Canopy Group LLC, a private security company in Reston, Va. It also undergoes daily security scans and drill hacking exercises.
So how many hundreds of millions in taxpayer funds was syphoned off into Blue Canopy Group, and how much of this was subsequently funelled back to the government in the form of kickbacks for a contract which apparently nobody even bothered to take seriously. Surely it doesn't matter: after all it is not as if the Fed can't or won't print a few billion to cover whatever the damage was.
Because in an era of zero accountability and infinite printing, why should anything matter any more?
»
- 10361 reads
- Printer-friendly version
- Send to friend
- advertisements -
Barry, you're such a cartoon
BZZZZZZZZZZZZZZTTTTTTTTTTTTTTTTT.....
WRONGO!
Cartoons are enteraining, Black Mussolini, not so much.
Mayyyybe Wookie should not "only" hire friends who graduated from ITT Tech?
Just and idea...... Thinking out of the affirmative action box....
Yep, Government built that. The token AA hired spokesperson said: "I don't read cursive- Sir."
Hacked, huh? Yep, it was always just a question of WHEN, not IF.
hey tyler ur graphic for this article is broken
oh wait
Exactly. It's not necessarily the security architecture in place. Anything can be hacked. The entire model for holding highly personal data is flawed on that basis. People don't hack the [insert governement agency] because they are affraid of being caught. Not because it's not possible. But most people are highly ignorant with respect to security. That's why they feel safe uploading naked picture to fucking iCloud.
Did anyone really ever think that this government program was ever created to benefit the public?
Oh contrare, if you thought so, you are sadly mistaken. The criminals are criminals because they enjoy stealing from innocent people who have no knowledge, who are so apathetic, or otherwise willingly ignorant of the criminality of their leaders.
Uhh .... it would appear that uhh ....
we've been hacked by some folks.
Uhh .... We're not going to stand for it uhh ....
we're going to uhh .... bring those folks
responsible for this attack to justice. uhh ....
Another Red Line!
Now where's the #meme?
You didn't hack that
Why don't you dudes do something about your .gov?
Bitchez be treatin' you like bitches yo!
Many of us would like to... but unfortunately Republicans are pussies!
And as long as we keep waiting for republicans (or D's) we will never see things change for the better. I bet any party for that matter.
We have over 100 million folks that receive their 'daily bread' from .gov. Both Dems and Repubs, and they ain't gonna do shit until their free goodies are threatened.
The problem is that when their goodies are threatened, they'll demand government take even more from you and me. Social Justice! MOAR! Foward!
And now you know how it works, since Rome. Probably well before.
Programming in Ebonics is difficult.
Dat's raciss!
Who wrote that software? They pocketed one heck of alot of money for a faulty product [or shitty service]. Any respectable DOJ would get the money returned to the taxpayers.
Surely you don't expect AG withHolder to prosecute a case of Admin crony-capitalism? Those were sweetheart contracts awarded to supporters.
Fuck, now they qualify as Ambassadors! Just stay away from Hillary . . .
"The MOST ethical Admin in American history"...
That's what Obozo said he would have if we elected him.
Bovine Excrement!
Don't you know? It's worse than you expect. Look into it.
https://en.wikipedia.org/wiki/List_of_failed_and_overbudget_custom_softw...
https://en.wikipedia.org/wiki/HealthCare.gov
http://washingtonexaminer.com/article/2537194#.UlvHPWwQRGk.twitter
http://dailycaller.com/2013/10/25/michelle-obamas-princeton-classmate-is...
https://en.wikipedia.org/wiki/CGI_Group one of four primary https://en.wikipedia.org/wiki/Recovery_Audit_Contractor
https://en.wikipedia.org/wiki/Experian
https://en.wikipedia.org/wiki/Quality_Software_Services subsidiary of https://en.wikipedia.org/wiki/UnitedHealth_Group
http://www.businessweek.com/articles/2013-10-16/open-source-everything-t...
https://en.wikipedia.org/wiki/Centers_for_Medicare_and_Medicaid_Services
https://en.wikipedia.org/wiki/Marilyn_Tavenner prior CEO of https://en.wikipedia.org/wiki/Hospital_Corporation_of_America largest health care facility operator in the world
https://en.wikipedia.org/wiki/Tim_Kaine under him, she was Secretary of Health and Human Resources for Virginia
Programming in Ebonics be difficult. Shizzle.
Is shizzle still in use?
Like this friend?
http://dailycaller.com/2013/10/25/michelle-obamas-princeton-classmate-is-executive-at-company-that-built-obamacare-website/
Deleted
Beyond belief!! I never thought, in a million years, that something like this could happen!! Shocking!!
I've said it before and will say it again: The GOV has all the info anyway. When you sign up you give it to them. Assign this as a weekend project to 2-3 NSA guys and get it done right. Put this story out of its misery. It will cost almost nothing and will be done in 2 weeks.
Hahahaha.
Gummint: ctrl-alt-del
"If this happened anywhere other than HealthCare.gov, it wouldn't be news," a senior DHS official said.
Credit card data hurts. The data on HealthCare.gov will fucking crush people.
Because the hackings of Target and Home Depot never made the news cycle...
Oh the poor baby, as if data theft hasn't been in the news lately. I'm sure everyone was just picking on him needlessly.
Obamanation: Like a monkey fucking a football.
He couldn't fuck a football if he tried...9 iron gets in the way :)
H1B Visa's are sure cheaper...how's that QUALITY working out for you all?
So far just this week:
.gov
.oil
.homedespot
.actresses with grezzie loads on their faces
Infrastructure will be toast soon because of these greedy tech firms. Mark my words!
We n33ds moar common coar with 10 Base T addition being taught I guess??? Geez.
Have em work on the software code on that piece of shit F-35. Another total fiasco and total garbage.
The Russian weapons systems have top software programmers.
America? H1B's and cheap ass defective Chinese parts. Good luck with that.
Soon, not off in the far too distant future, American STEM grads will be moving to former USSR to gain meaningful employment since none exists here in the USS of A anymore. Think I'm crazy right? Let me ask you all...what did all those former Soviet Nuclear Enginneers do and where did they go and what did they work on when the Soviet Empire collapsed? I'm just sayin, importing H1B's is okay when well regulated and the country can afford to do that...to a point. Last time I checked, if you're a forign national...no secret security clearence for you!
"Think I'm crazy right?"
No not at all. With a real leader at the helm most will dig deep to be a part of greatness.
Caveman makes a valid point. I have two friends -- top notch pharma researchers with combined MDs and PhDs -- who recently quit their jobs here ... lured away by some big pharma companies outside of Shanghai for 30% more salary + benefits. Sad to see 'm go but that's the cold reality these days. Go where the money is and as Steve Jobs said, "those jobs are never coming back."
As someone who has waded through a bit of code, it's getting distressing to find that a lot of cutting edge stuff is Russian and Chinese. How does one know? Well for one, source files are stored as UTF-8 with BOM and the varnames and comments are composed of non-Latin characters. English used to be the lingua franca of programming...
Yep, Obozo is determined to make the USSA a 3rd World country.
Trickle up stupidity and poverty!
With Healthcare.gov hacked, there will be a lot of H1N1 visas...
Not for Information security...we don't grant secret clearence to foreigners. See TRIcare. Maybe for crappy code fixes but without the clearence, you ain't working on no source code.
They'll be carrying viruses, but not the computer type...
Ooops, I didn't think they knew my 6 yr old nepehew had found the back door.
Quick - have him register every member of congress and Il Douche's administration!
No, they were too busy finding each other's back door to notice.
fuck. leaked data means more annooying calls from India pretending to be debt collectors threatening immediate arrest if not paid.
Free Slurpy with early payment.
or "is that the best you can do?"
Rent is TOO DAM HIGH!
If they have access to the server, it's likely they have access to communicate with the services it communicates with.
Someone check Kathleen Seblius' home computer !!!
They did, said her Solid State Drive failed due to rotating disk arm being broken or something. 3rd time this week on her machine!
Commodore 64
ACA = IRS <- Preaze herp. 8 foddy mirron doras don't buy what it use ta in Indier. Our poriees state need yer herp.
it is not suprising it took so long to make the news if their security infrastructure is sub-par.
Its not subpar in any meaningful way. This is a ploy to justify the next 840 million for the next iteration of of this Total Information weapon. Total War is here.
and just think, the humans are so stupid they even carry their tracking machines around with them everywhere they go....! Eureka !
.
They pretty much admitted their security infrastructure is sub par when describing how they found it:
If the server was never supposed to be reachable from the internet, a daily security scan would have revealed the breach the following day at the very latest. Instead, it went unnoticed for two months.
One explanation: the daily security scan is scheduled to run once every two months.
Another explanation: the daily security scan runs daily, but the results are only examined once every two months.
Of course, it's also entirely possible that the daily security scan is a completely fictional event/process.
The daily scans are sent daily to security admins. Someone still has to actually read it though.
That site has all the juicy details on a person needed to perform identity theft.
Every piece of personal & private data - on a .gov website! Fucking Genius.
Biggest bullseye on the Internet.
Of course it got hacked.
Maybe it's actually designed to be a Honeypot?
If it was, it would be working as designed and there would be no reason to mention it.
Touche my friend!
Yes but not in the manner you are thinking of.
Remember who the original contractor was that set up the website.
It was CGI federal and it was a no bid contract.
They just happen to own this company.
http://www.triple-tree.com/transactions/transaction_archive/silver-oak-s...
...
Silver Oak Solutions has successfully analyzed over $150 billion in spending and sourced $10 billion in spending delivering $2 billion in annual, cash savings (~ 20%). Through the development of its own proprietary Spend Management offerings called PRISM®.
...
They did such a good job they don't even need to use the backdoor since the front door is wide open still with no one watching.....
This reminds me of how they leave M-16s in unguarded warehouses in Kuwait. You'd almost think it was done on purpose since no one would be that irresponsible and stupid with highly important items like military grade weapons or people's personal information.
http://www.worldtribune.com/2013/04/09/20000-u-s-m-16s-stolen-from-ungua...
perhaps this was intentional since you're hoarding so much money and this will give you incentive to charge, charge, charge to the max so that any hacker using your credit card will be denied and you will have done your patriotic duty to not hoard cash.
Onward comrades, to the Bank of Sealy
What this website is, is Total Information Warfare, first on Americans, then the rest of the world. 840 millions was the down payment for version 1.0. This thing is the police state. Think. This is obviously not about healthcare. This first version processes every minor language on the planet. Why is that?
Blame BUSH!
Good news is that the database is probably horribly designed, so the hackers won't know how to extract useful data.
SELECT * FROM users WHERE clue = 'yes'
For Obamacare? NULL Set returned!
The way the healtcare.gov site works is that it's really a hub that communicates with 20-30 different external systems. That's why it's not really a "website" as people say, it's really a pretty substantial application. It's also likely why they had so much trouble, because you're depending on the external systems to play nicely and have the performance enough to make it a web application.
In any case, if you could get the keys to those services, it would be really bad. It wouldn't just be users of the system, it would be anyone in those services, which could be anyone.
You know... You could pretty much take the balances in every major bank and blame it on Russian hackers, "forget" that there's backups, and pull off the same thing as the Cyprus bail-in without all the messy politics.
'Cause hackers can do anything! /sarc
When you consider everything else that Obama has screwed up Obamacare doesn't seem so bad does it. He'll go down as the very worst president we've ever had and it's not close. But not to worry. Barry will hold his head up high as he heads out ... That is if he leaves.
$250K speaking engagements, for the win.
You're just parroting what someone else told you and clearly you have no thoughts of your own. There have been many worse presidents, literally in the last 20 years.
Clearly history (or thinking) isn't your strong suit...
lol
There hasn't been anybody worse among the first 43 POTUS. Maybe from now on, though it will be really hard...
Send him to Dallas in a convertible. Only then should he hold his head up high.
Let me give you two words that will cause you to reconsider that comment... President Biden.
I was thinking of two other words: full automatic.
Biden might be a walking accident, but Obama is fucking up on purpose.
That's okay, 6 years ago my bank wanted to charge me for id theft protection. They said if I ever registered to vote my info was already compromised, I told um I never registered cause I don't believe the same things politicians do, so now it looks like I don't need your protection. Aint never had a problem, and don't intend to either.
For two months it was compromised yet no "personal data" was breached.
What other non personal data is the server full of that anybody would want?
If the NSA doesn't already know who did it, they are on the wrong side.
Although, they could be the hacker..........
Hasn't someone already demonstrated how bad the security of this site? Didn't someone do a demo of how to download user data from the site?
I never even used it and my insurance premiums were hacked for $1000/month for shit poor nothing insurance to boot. I can live in Mexico comfortably for what I pay for health insurance.
Note to all Hackers. Next time Delete everything.
del *.* /s /f /q
rm * -alR
format c:
fdisk /mbr
Thanks!
Don't forget to get their backup files too!
The IRS said there is no backup....
Hahahahaha...........
Now I know why I have so many Nigerian princes looking for my assistance.
OMG honey. It's ISIS coming to steal our health care. We have to give another $10 trillion to Israel to save us!!!!!!!!!!!!!!!!!
joego1:I never even used it and my insurance premiums were hacked for $1000/month for shit poor nothing insurance to boot. I can live in Mexico comfortably for what I pay for health insurance.
...better food too.
Having politicians involved with anything practical is just asking for trouble. They will argue over the meaning of words and assume that they have done something useful.
Zero Confidence.
Zero Faith.
Zero Trust.
Thanks for posts guys, I need to laugh a bit today! How come a hacker hasn't come up with some details on Obama, starting with the real birth certificate, who paid for the education.........
Anyone have Waxmans address? Obamacare Website Has Never Been Breached, Waxman Says - Bloomberg
If you want to keep your Obamascare hacker, you can keep your Obamascare hacker...
LOL, not much of an accomplishment.
ha ha ha...Atta boy Putin...show the golfer in chief who controls who...LOVE IT!!!!
Don't sign up. don't even think about it.
I'd rather run the the street screaming with my hair on fire.
Now it feels like I am paying a fee to the IRS to keep my personal data privatish.
What a scam.
There is a legal way to escape the filthy scam called obummer care.
Not many people realize this but if you are employed by a foreign employer who provides a plan then you are automatically exempt from obummer care.
No matter that employer has an office in the US or not and the Obummer does NOT force foreign companies to establish minimum coverage.
Like abortion cover for 70 year old men.
We have specifically joined and set up a sheme with a company in the UK running a group scheme that has world wide coverage virtually no deductibles covers pre existing and eyes and dental is worldwide has a $3.2 million annual limit and is a THIRD the cost of the obummer scam. and it EXEMPTS you from obummer shit and anyone self employed employed can join under 37 yr old
They will legally employ under a contract any US citizen who wants to join the plan which is underwritten by one the biggest listed insurers running group schemes in the UK
link to see details
http://ukasiagroup.biz/iridium-group-health-scheme
100 million lines of code for $500 million is cheap very cheap.
Indians have been coding it? or Vietnameese for a handfull of rice?
Or maybe North Koreans for a half of a Vietnameese share?
Healthcare.gov may have been hacked but key MS13 gang members have been safely relocated throughout the US.
Healthcare.gov may have been hacked but key MS13 gang members have been safely relocated throughout the US.
Shit I'm beginning to get depressed. I had to travel all day and didn't get my dose of Ebola articles to read.
Wait! I thought the aforementioned website was a Nigerian Scam thing.
They actually sell insurance?