Hackers Breach Obamacare Website, Info on 75,000 Compromised
Apparently, $2.1 billion wasn’t enough to ensure that the Obamacare website was hack-proof.
According to a statement last week from The Centers for Medicare and Medicaid Research, they were “responding to suspicious activity in agent and broker exchanges portal.”
What does that mean? Essentially, data on 75,000 individuals was compromised.
“Earlier this week, CMS staff detected anomalous activity in the Federally Facilitated Exchanges, or FFE’s Direct Enrollment pathway for agents and brokers. The Direct Enrollment pathway, first launched in 2013, allows agents and brokers to assist consumers with applications for coverage in the FFE,” the statement said.
“At this time, we believe that approximately 75,000 individuals’ files were accessed. While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.”
Well, yes, it should be. The Federally Facilitated Exchanges are part of the HealthCare.gov constellation of websites. In 2014, a year after the exchanges first went up, they were estimated to cost an astounding $2.1 billion — and even then, they appeared to have more bugs than an Indonesian rainforest.
“It’s been about a year since Obamacare’s marketplace launched for the first time. After all of the technical glitches, massive repair efforts and major contractor shakeups, the government has struggled to nail down exactly how much it has spent on the website,” The Fiscal Times reported at the time.
“In a federal audit released this week, the Health and Human Services Department Inspector General said obtaining financial information on Healthcare.gov was ‘difficult and time consuming.’ The IG even said that it ‘could not determine the reliability of most of the amounts’ that the agencies had provided.”
While the Obama administration put estimates regarding the cost of the website at a little under a billion dollars, Bloomberg found the number was well over double that amount.
The Office of the Inspector General would later peg the website’s cost at only $1.7 billion, still a bit more than double what the Obama administration said it was.
If you think that looks bad, consider the original estimated cost for the Canadian firm CGI Group to design the website was just $93.7 million.
Yes, 75,000 may be a small percentage of the number of people in the system, but it’s still a fairly major breach when you consider the sensitivity of the information contained therein.
“Our No. 1 priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” CMS Administrator Seema Verma said.
“I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”
If only they had the resources to prevent something like this — say, billions of dollars of government funding. At least they acted quickly, though, right?
Well, it depends on what you mean by quickly.
“CMS began the initial investigation of anomalous system activity in the Direct Enrollment pathway for agents and brokers on Oct. 13, 2018 and a breach was declared on Oct. 16, 2018,” the statement said. “The agent and broker accounts that were associated with the anomalous activity were deactivated, and — out of an abundance of caution — the Direct Enrollment pathway for agents and brokers was disabled. We are working to address the issue, implement additional security measures, and restore the Direct Enrollment pathway for agents and brokers within the next seven days.”
In other words, three days passed between the initial investigation and a breach being declared. Given the tools available to web security experts, this doesn’t exactly reek of efficiency.
That, regrettably, puts this episode right in line with the rest of our HealthCare.gov experience.
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.
Advertise with The Western Journal and reach millions of highly engaged readers, while supporting our work. Advertise Today.