Healthcare Dot Gov Is As Secure As Chicken Wire Holding Back T-Rex

0
Share

1378406_10200925785686812_1150761140_n

You know how the Food Stamp cards recently went out without a limit in Louisiana due to a computer glitch? Wait until the same people who gave you food stamp cards are in charge of your healthcare needs. Wait until your healthcare is dependent on this healthcare dot gov site.

The Alaska Dispatch found significant cybersecurity problems that no one is talking about! It’s architecture is outrageous as in outrageously bad, according to their cybersecurity experts.

The problems are many and they should have been obvious. For one thing, healthcare.gov can be ‘spoofed,’ in other words, criminals can design a matching site that will grab your information as you input. Another problem is the login which allows frequent errors upon login. A bank, for instance will allow no more than three tries. Allowing endless tries gives hackers the opportunity to keep trying until they get the password.

The serious cybersecurity issues noted by the Dispatch:

Request Forgery: It will grant automatic ‘all-Access Request for other site.’ That allows another site to make certain kinds of requests that could allow ‘cross-site request forgery.’ They can fool the government into releasing your information.

Clickjacking: The site wil allow an attacker to put an invisible layer over the legitimate site, allowing users to end up on a renegade site where they will divulge their personal information.

Cookie theft: There appears to be no feature that prevents access to cookies stored on a user’s personal computer. An attacker could grab sensitive information such as health issues, income level, and marital status.

Verification: The way the site is set up, there isn’t a single, authoritative site where people can go and register for coverage. There is the federal site, the sites run by individual states, and then within each state, there are legitimate third party sites that provide assistance. The federal site uses SSL to verify itself, the state and third-party sites are not requires to use SSL and they don’t authenticate.

Enroll at healthcare.gov at your own peril. The application is endless and asks for all your personal and financial information.

Last September, the Canadian provincial health officials fired the the parent company of CGI Federal, the main contractor for the Obamacare health exchange websites according to the Washington Examiner. The firm missed three years of deadlines and never delivered the online medical registry.

The company charged with determining and processing subsidies for health insurance provided by federally-run healthcare exchanges – Serco – is under investigation in the UK for ‘serious fraud‘.

This is the company charged with determining who is eligible for insurance subsidies and Medicaid but they are unable to accurately calculate the subsidies for Obamacare exchanges so we have to go on the honor system.

Criminals and illegal aliens are serving as navigators which doesn’t make one feel their data will be secure. One company released private information on 2500 applicants to another company. Many are concerned that this type of thing will lead to identity theft.

Doctors are expected to ask about sexual and mental issues as part of the Wellness visit. My aunt filled out the form for her Medicare and wrote sarcastic comments and a lot of ‘it’s none of your business.’ She said that she used to get two physicals a year but now gets one and a Wellness visit. The Wellness visit – thanks to Obamacare – is a questionnaire of nosy questions, but that’s for another article.

The  Alaska Dispatch said no one signed up for the exchanges in Alaska as of 4 days ago. It’s hard to enroll when no one can get on.

I personally was finally able to get an account but couldn’t get back onto the account because it said there was no enrollee with my name. When I tried to re-enroll, I received a message that there is already an enrollee with my name. Sigh!

Read about the cybersecurity problems at the Alaska Dispatch.

 

Share