clock menu more-arrow no yes

Filed under:

The US government is hacking Healthcare.gov to make sure it's secure

New, 5 comments

Weekly attacks launched to probe for weakness

The launch of Healthcare.gov, the US government's health insurance website, was beset with technical problems so severe that only six people were able to enroll on its first day in October 2013. Ahead of a second enrollment period, beginning on November 15th, government officials are launching cyberattacks against the revamped site to make sure the same crippling bugs and security holes don't appear again.

Andy Slavitt, hired to oversee the Centers for Medicare and Medicaid Services' Healthcare.gov program, says that groups of white-hat hackers in his team are conducting weekly attacks on the network that simulate real hacking attempts, in order to probe for weak points and bolster its defenses. Flaws in the previous incarnation of Healthcare.gov were exposed earlier this year when a security researcher reportedly obtained 70,000 medical records through a Google search.

Healthcare.gov will be updated before a second enrollment period beginning November 15th

Scarily, the speed at which Healthcare.gov was developed and rolled out in October 2013 reportedly didn't allow for full security checks, meaning that despite assurances to the contrary, your private medical information could possibly have been stolen by less ethical hackers. Ahead of the coming update, Slavitt says HealthCare.gov is "now certified to meet rigorous government standards for cloud computing," but even if the new site works perfectly from the off, the question remains — how did the US government get it so wrong in the first place?