GAO Finds Significant Cybersecurity Vulnerabilities On Federal Exchanges
Officials say their findings in the investigation, which was initially limited to California, Kentucky and Vermont, likely means that other states’ health exchange websites face similar cyber issues.
The Associated Press:
Security Flaws Found In 3 State Health Insurance Websites
Federal investigators found significant cybersecurity weaknesses in the health insurance websites of California, Kentucky and Vermont that could enable hackers to get their hands on sensitive personal information about hundreds of thousands of people, The Associated Press has learned. And some of those flaws have yet to be fixed. The vulnerabilities were discovered by the Government Accountability Office, the investigative arm of Congress, and shared with state officials last September. (4/7)
The Hill:
Watchdog: Security Flaws Plague State ObamaCare Exchanges
California’s system, known as Covered California, is the nation’s largest state-run exchange. Both California and Kentucky have been touted as a national model, though Vermont has had a documented history of issues with its exchange. The GAO’s investigation was released in March, but without naming the states. That information was reported Thursday by the Associated Press, in response to a Freedom of Information Act request. Federal officials said their findings in the investigation, which was initially limited to those three states, likely means that other states’ websites have faced similar cyber issues. (Farris, 4/7)
Meanwhile, the Los Angeles Times reports on the growing cyberthreat to vulnerable hospitals —
Los Angeles Times:
Criminal Hackers Now Target Hospitals, Police Stations And Schools
Three weeks ago, a debilitating digital virus spread quickly in computer networks at three Southern California hospitals owned by Prime Healthcare Services. Using a pop-up window, hackers demanded about $17,000 in the hard-to-trace cybercurrency called Bitcoin to destroy the virus they had implanted. The virus had encrypted medical and other data so it was impossible to access. ... The attempted extortion by criminal hackers was the latest case of what the FBI says is a fast-growing threat to vulnerable individuals, companies and low-profile critical infrastructure, from hospitals and schools to police stations. (Hennigan and Bennett, 4/8)
