Security Experts Warn Americans: Personal Data Not Secure on Healthcare.gov
Four cyber-security experts testified before a Senate committee about the Healthcare.gov website’s lack of security and risk of exposure to Americans.
All four cyber security experts unanimously concurred that, given the security issues, Americans should not use the site at present.
“It’s not only social security numbers … it’s one of the largest collections of personal data, social security and everything else, that we’ve ever seen,” said David Kennedy, CEO of information security firm TrustedSEC.
One key problem facing Healthcare.gov is that security wasn’t built into the site from the very beginning, he said — an opinion shared by both Kennedy and Fred Chang, the distinguished chair in cyber security at Southern Methodist University.
“There’s not a lot of security built into the site, at least that’s what we can see from a 10,000 foot view,” Kennedy told the committee.
Kennedy told FoxNews.com he based this on an analysis revealing a large number of SQL injection attacks against the healthcare.gov website, which are indicative of "a large amount" of hacking attempts.
‘I would say the website is either hacked already or will be soon.’
– David Kennedy, CEO of information security firm TrustedSEC
"Based on the exposures that I identified, and many that I haven’t published due to the criticality of exposures – if a hacker wanted access to the site or sensitive information – they could get it," he told FoxNews.com.