Obamacare Website Was Breached Weeks Ago By a Hacker

Federal officials revealed today that the Obamacare website was breached back in July by a hacker, though they made it clear absolutely no one’s personal data was compromised. The hacking took place weeks ago, but the Department of Health and Human Services reportedly discovered the breach just last week.

HHS said in a statement, “Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted.”

A department official claims this to be the first successful attempt at breaching the system. It appears that all the hacker did was to throw malware on the site so that it could then be used to help cyberattacks against other federal websites.

And here’s how they explain the hacker got in:

Washington officials said they are concerned that an intruder gained access to the network through a basic security flaw. The server accessed had such low security settings because it was never meant to be connected to the Internet, the HHS official said. When the hacker broke in, it was only guarded by a default password, which often is easy to crack.

“There was a door left open,” the official said.

[image via Shutterstock]

— —

Follow Josh Feldman on Twitter: @feldmaniac

Have a tip we should know?

Filed Under:
  1. Mediaite
  2. The Mary Sue
  3. RunwayRiot
  4. Law & Crime
  5. SportsGrid
  6. AmboTV
  7. Gossip Cop