It’s upsetting to find out cybercriminals were able to steal credit card numbers and personal information from 110 million Target customers, but at least they had to work for months to figure out how to hack into the retail databases.
Thanks to the “me first” priorities of the Obama administration, the same thieves can use the Obamacare website to lift our personal records in minutes. Four minutes, actually. That’s how long it took cyber safety expert David Kennedy to access the personal records of 70,000 Obamacare enrollees.
Kennedy is a former U.S. Marine Corps cyber-intelligence analyst, and the CEO of TrustedSec, an online security firm. He and several other experts examined the Healthcare.gov website and shared their findings with the House Science, Space and Technology Committee on Nov. 19, 2013, and Jan. 16 of this year.
During the November hearing, Rep. Mo Brooks, R-Ala., asked Kennedy and the three other experts giving testimony, “Would any of you advise an American citizen to use this website, as the security issues now exist?”
All four said no.
They said not enough security is integrated into the website, and it wasn’t properly tested before it was rushed out to the public on Oct 1, 2013. After its disastrous debut, Kennedy said technicians “slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. But the problem is they still didn’t embed any security into it.”
“The website is either hacked already or will be soon,” he stated.
When Kennedy returned to Congress on Jan. 16 he said, “Nothing’s really changed since our Nov. 19 testimony. In fact, it’s worse.”
He submitted written testimony from seven other nonpartisan security researchers who expressed grave concerns about the website’s vulnerabilities.
Kevin Mitnick, who was the world’s most wanted cybercriminal until he reformed, was especially alarmed to discover that Healthcare.gov puts all of us – not just Obamacare enrollees – at risk.
“Healthcare.gov retrieves information from numerous third-party databases belonging to the IRS, Social Security Administration, Department of Homeland Security, and other State agencies. … A breach may result in massive identity theft never seen before – these databases house information on every U.S. citizen!” Mitnick wrote.
In his expert opinion, “It’s clear that the management team did not consider security as a priority.”
No, the priority for the White House was and always is politics, not people. A detailed account of the website’s creation in the Nov. 2 Washington Post makes this clear.
Reporters Amy Goldstein and Juliet Eilperin describe how Obama’s health care adviser Zeke Emanuel and members of his economic team urged him to “appoint an outside health reform ‘czar’ with expertise in business, insurance and technology” to lead the website team. But the president gave the job to his White House health aides instead.
“Such insularity – in that decision and others that would follow – has emerged as a central factor in the disastrous rollout of the federal health insurance marketplace,” Goldstein and Eilperin say.
The White House was anxious to ward off Republican criticism of Obamacare, so “the president’s aides ordered that some work be slowed down or remain secret for fear of feeding the opposition.” They delayed finalizing many important regulations until after Obama’s 2012 re-election.
A former Health and Human Services official told the reporters, “There wasn’t a way to push back or challenge (the delays.) You had the policy people, largely at the White House, pushing the deadlines and tinkering with the policy, rather than the people who had to run the critical operating path design and program the system.”
Richard Foster, the former Medicare chief actuary, said it was “a singularly bad decision,” for Obama’s team to risk bad implementation “for a short-term political gain.”
But this administration will take that deal all day long. The end justifies the means. Whether it’s Fast and Furious, Benghazi or Obamacare’s broken promises, White House folk know they won’t get fired for their singularly bad decisions.
They are still recklessly urging Americans to sign up on Healthcare.gov, despite the clear risks, because Obamacare needs more enrollees – and that’s what they really care about. Not us.