Information has been released about a hack on the HealthCare.gov website that occurred in July this year.
Discovered on August 25, the attack marks the first known intrusion into the federally run website. The website was under heavy scrutiny last year when it was released due to vast amounts of errors, and this revelation probably won’t come as a surprise to a large number of people.
“Our review indicates that the server did not contain consumer personal information,” Aaron Albright, an agency spokesman, said yesterday in an e-mailed statement. “We have taken measures to further strengthen security.”
The July attack exploited a test server used to support the website and was never intended to be connected to the Internet, Albright said. The server was protected with only a default password.
Security professionals around the country are giving their two cents on the events, with one saying, “Shame on the U.S. government for allowing this to happen. We paid how many millions to put this thing up and a default password was used on a server?”
Due to the intrusion being in July but only discovered last week, it’s possible that there have been several more since, that just haven’t been discovered yet – but only time will tell.