Oh My Gawd! Healthcare.gov Got Hacked? Who Could Have Foreseen This?

[JimBowie1958]

HealthCare.gov Site Suffers Hack But No Data Stolen Officials - NBC News

The government's healthcare insurance information website, HealthCare.gov, was hacked this summer, but no damage was done, according to a statement Thursday from the Department of Health and Human Services. "Today, we briefed key Congressional staff about an intrusion on a test server that supports HealthCare.gov," the statement said. The breach was first reported by The Wall Street Journal. HHS said the attack took the form of malware that was installed on a test server and "designed to launch a 'denial of service' attack against other websites when activated." The breach was discovered in late August; the Journal said the hack took place in July.

The hack too k place in July and sat there running on the healthcare network for a month before being found. They don't have a clue if it could have launched self-cleaning bots into other parts of the network that got scrubbed weeks before they found it.

One would be inclined to perhaps give the government some leniency on this were it not for all the prior warnings that were essentially ignored. After all its just muppet dat.

How Healthcare.gov Could Be Hacked Mother Jones

Healthcare.gov - Reasons why it is a hackers target.

How Healthcare.gov Could Be Hacked

How much more incompetence will Dimbocraps heap on this nation? I guess its not a problem until the Dimbocrap crooks let their unaffiliated buddies steal your ID for some Illegal from Latvia so she can work in some rich mans mansion for slave wages.

And this isn't just a Dimbocrap issue; the GOP RINOs are just as supportive of unfetter illegal immigration as the Dimbocraps are. Mitt, W and McSame would have allowed the same damned thing to happen, only the press would be reporting it more often.

But they will still take a few hypocritical kicks anyway.

GOP chorus attacks Obamacare over Healthcare.gov hack - Brett Norman - POLITICO.com

 

[B. Kidd]

Took them 2 months to discover it........

 

[EverCurious]

I was chuckling about that last night. I'd like to know if those hackers would have had access to all the information on the site? I realize they just installed spam bot software this time, but I mean would they have been able to gain access to the information?

In any event, I think it's yet another sign that the government is just not competent to manage this ACA thing.

 

[JimBowie1958]

Yeah, Obamacare, Post office efficiency with DMV care and concern. Wonderful.

Wanna see the future of OBamacare? Look at the VA health care system. That is really popular these days.

 

[EriktheRed]

Let’s run through the basics to help Hatch, Issa, and others get the facts straight.
a practice “so common that it’s attempted 28 different times every hour.” The healthcare.gov site itself was unharmed.

Was healthcare.gov specifically targeted? No. Was any consumer information compromised? No. Was any data transmitted? No. Was there an attempt to steal data? No. Was the website knocked offline? No.
So why is it, exactly, that conservatives are using this opportunity to whine? Because, even now, the right still loves complaining about the Affordable Care Act, without much regard for whether their complaints make sense.

As for Hatch’s claim the healthcare.gov “underwent virtually no independent security testing,” the use of the word “virtually” is pretty amazing . In reality, the site went through extensive end-to-end security testing and passed “with flying colors.” Perhaps Hatch forgot these pesky details when responding to the latest non-story yesterday.

Misplaced ire over healthcare.gov hack MSNBC


See? Now you can go back to bitching about the President at Stonehenge.

 

[saveliberty]

Some day, as a "national security" issue we will all be required to change our names every six months.

 

[EverCurious]

I do not think this is misplaced "ire" (most of the rest of us call that concern)

Obamacare site hacked but nothing taken HHS says - Sep. 4 2014

"Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted," HHS spokesman Kevin Griffis said

[...]

But it was a close call, showing just how vulnerable computer systems can be.

It all happened because of a series of mistakes.

It was not just one mistake, but multiple mistakes - AKA incompetence. Hell even the government is willing to admit they need to fix their security issues:

Federal officials say the attack came from several Internet addresses, some overseas.

HHS officials on Thursday briefed Congressional staff about the episode and assured the department has taken "measures to further strengthen security."

As for the personal information thing: back in the 80s I played hacker games with a group of fellow geeks (nothing illegal) if they, and I say they because the Fed's are saying the malware came from several locations, were able to get this bot on a server and 'accidently' put online, there is indeed a chance that they could have gained access to the personal information - it just so happens someone caught the 'multiple mistakes' and found it. Most, if not all, of the hacks I wrote had a back door that would allow me access later on (which I then used to thwart my buddies latest 'anti-hacks' - I even once snuck in my back door and rewrote someone's safety measures to finish off his OS when he compiled it heh)

 

[Delta4Embassy]

Everything gets hacked. If you still use credit cards wow are you stupid.

 

[JimBowie1958]

Thank you for your informed and reasonable rebuttal, though it still FAILs and I will essplain to you how.

Let’s run through the basics to help Hatch, Issa, and others get the facts straight.
a practice “so common that it’s attempted 28 different times every hour.” The healthcare.gov site itself was unharmed.

As far as they know, and this article speaks of a DDOS attack. There is no evidence that this is merely a DDOS attack as it wasn't found for TWO MONTHS which is plenty of time for it to clean up its tracks. These types of 'malware apps' are also used for botnets, which this was as they admit it resembled a DDOS attack set up inside the network on a test server, a typical method of infection and once inside the network, users in the test system (many of whom are developers with admin privs) are then piggy backed with viruses or hidden apps to use that ac counts permissions to run other malware. The dev accesses the test server, then while on the test server he access some data on production, as he does so the malware has had the real serious app threats run silently with no fanfare installing new malware on production. To evade detection this malware is uninstalled on logout or completion of the task. That is how cybercriminals get away with millions of email address, SSNs, home addresses, password, etc. They don't do it all at once they siphon it over the course of several days.

What is a Botnet -Kaspersky Daily Kaspersky Lab Official Blog

Was healthcare.gov specifically targeted? No. Was any consumer information compromised? No. Was any data transmitted? No. Was there an attempt to steal data? No. Was the website knocked offline? No.

So why is it, exactly, that conservatives are using this opportunity to whine? Because, even now, the right still loves complaining about the Affordable Care Act, without much regard for whether their complaints make sense.

Their TEST SERVER on their network was specifically cited so that malware and that allows access to other parts of the network by piggy backing on other peoples accounts while they are in the system. These apps take micro seconds to run and people don't even notice them.

But once on any network that has admin priv accounts to real production data, they are in and targeting the production data which is real world data.

As for Hatch’s claim the healthcare.gov “underwent virtually no independent security testing,” the use of the word “virtually” is pretty amazing . In reality, the site went through extensive end-to-end security testing and passed “with flying colors.” Perhaps Hatch forgot these pesky details when responding to the latest non-story yesterday.

Misplaced ire over healthcare.gov hack MSNBC

Yeah, right like the roll out passed with flying colors, roflmao.

See? Now you can go back to bitching about the President at Stonehenge.

I don't give a flying fig about what the President did at Stonehenge.

Deflection, accusations of partisanship and polyanna presumption are about the only defences of this fiasco, as it is with so many Obama Regime pratfalls.

 

[JimBowie1958]

Everything gets hacked. If you still use credit cards wow are you stupid.

The use of plastic is ubiquitous now and hard to avoid. But yeah, we are trying to reduce plastic purchases to a minimum.

 

[J.E.D]

Omg a website got hacked! That never happens! Scrap the whole law!

 

[JimBowie1958]

Omg a website got hacked! That never happens! Scrap the whole law!

Ridiculous. Healthcare.gov is getting hacked, going to get hacked and the minimum levels of security were not there. Even Mother Jones for Christ's Sake pointed it out as well.

You are just reflexively sucking OBozos cock again.

 

[J.E.D]

Omg a website got hacked! That never happens! Scrap the whole law!

Ridiculous. Healthcare.gov is getting hacked, going to get hacked and the minimum levels of security were not there. Even Mother Jones for Christ's Sake pointed it out as well.

You are just reflexively sucking OBozos cock again.

Your own link disputes your hyperbole, shitstain.

 

[Star]

HealthCare.gov Site Suffers Hack But No Data Stolen Officials - NBC News

The government's healthcare insurance information website, HealthCare.gov, was hacked this summer, but no damage was done, according to a statement Thursday from the Department of Health and Human Services. "Today, we briefed key Congressional staff about an intrusion on a test server that supports HealthCare.gov," the statement said. The breach was first reported by The Wall Street Journal. HHS said the attack took the form of malware that was installed on a test server and "designed to launch a 'denial of service' attack against other websites when activated." The breach was discovered in late August; the Journal said the hack took place in July.

The hack too k place in July and sat there running on the healthcare network for a month before being found. They don't have a clue if it could have launched self-cleaning bots into other parts of the network that got scrubbed weeks before they found it.

One would be inclined to perhaps give the government some leniency on this were it not for all the prior warnings that were essentially ignored. After all its just muppet dat.

How Healthcare.gov Could Be Hacked Mother Jones

Healthcare.gov - Reasons why it is a hackers target.

How Healthcare.gov Could Be Hacked

How much more incompetence will Dimbocraps heap on this nation? I guess its not a problem until the Dimbocrap crooks let their unaffiliated buddies steal your ID for some Illegal from Latvia so she can work in some rich mans mansion for slave wages.

And this isn't just a Dimbocrap issue; the GOP RINOs are just as supportive of unfetter illegal immigration as the Dimbocraps are. Mitt, W and McSame would have allowed the same damned thing to happen, only the press would be reporting it more often.

But they will still take a few hypocritical kicks anyway.

GOP chorus attacks Obamacare over Healthcare.gov hack - Brett Norman - POLITICO.com

Are you saying the government code writers could have saved us a lot of time and money and got the same result by hiring private industry's Target's IT department? and/or Neiman Marcus, and/or Home Depot, and/or...

Who do you think they should hire for their next IT project ...Diebold?

.​

 

[Moonglow]

I would be more concerned with financial institutions that have been hacked as of late...

 

[JimBowie1958]

Omg a website got hacked! That never happens! Scrap the whole law!

Ridiculous. Healthcare.gov is getting hacked, going to get hacked and the minimum levels of security were not there. Even Mother Jones for Christ's Sake pointed it out as well.

You are just reflexively sucking OBozos cock again.

Your own link disputes your hyperbole, shitstain.

Lol, you make a TOTALLY AMBIGUOUS accusation and leave nothing to back it up because you lie and you know it.

Which link and what disputes my claims, you retard?

 

[JimBowie1958]

I would be more concerned with financial institutions that have been hacked as of late...

And all the personal info on healthcare.gov is just peachy keen to you?

Really?

 

[JimBowie1958]

HealthCare.gov Site Suffers Hack But No Data Stolen Officials - NBC News

The government's healthcare insurance information website, HealthCare.gov, was hacked this summer, but no damage was done, according to a statement Thursday from the Department of Health and Human Services. "Today, we briefed key Congressional staff about an intrusion on a test server that supports HealthCare.gov," the statement said. The breach was first reported by The Wall Street Journal. HHS said the attack took the form of malware that was installed on a test server and "designed to launch a 'denial of service' attack against other websites when activated." The breach was discovered in late August; the Journal said the hack took place in July.

The hack too k place in July and sat there running on the healthcare network for a month before being found. They don't have a clue if it could have launched self-cleaning bots into other parts of the network that got scrubbed weeks before they found it.

One would be inclined to perhaps give the government some leniency on this were it not for all the prior warnings that were essentially ignored. After all its just muppet dat.

How Healthcare.gov Could Be Hacked Mother Jones

Healthcare.gov - Reasons why it is a hackers target.

How Healthcare.gov Could Be Hacked

How much more incompetence will Dimbocraps heap on this nation? I guess its not a problem until the Dimbocrap crooks let their unaffiliated buddies steal your ID for some Illegal from Latvia so she can work in some rich mans mansion for slave wages.

And this isn't just a Dimbocrap issue; the GOP RINOs are just as supportive of unfetter illegal immigration as the Dimbocraps are. Mitt, W and McSame would have allowed the same damned thing to happen, only the press would be reporting it more often.

But they will still take a few hypocritical kicks anyway.

GOP chorus attacks Obamacare over Healthcare.gov hack - Brett Norman - POLITICO.com

Are you saying the government code writers could have saved us a lot of time and money and got the same result by hiring private industry's Target's IT department? and/or Neiman Marcus, and/or Home Depot, and/or...

Who do you think they should hire for their next IT project ...Diebold?

.​

They selected Michelle's cronies out of CANADA and that company is one of the worst.

I know that they could have done better; the system wasn't even beta tested prior to rolling it out.

 

[J.E.D]

The sky is falling! The sky is falling!

 

[EverCurious]

Frankly I'd already decided that I would NOT be purchasing Obamacare, but I did indeed log in to that site to find out how much they would want out of curiosity. I sure as fuck don't need a bunch of hackers knowing my name, email address, financial information, etc. Even if we drop it to the very least possible 'dangerous' level and we just talking about junk mail - I get enough of that shit as it is.

Bottom line is that I trusted, am trusting, the government to not just hand my information out to everyone on the damn web. I really don't think that is an unreasonable request and I don't think it is unreasonable for me to be concerned that they don't have their security in order.