Posted on 10/29/2013 10:34:26 AM PDT by Sub-Driver
Edited on 10/29/2013 11:00:41 AM PDT by Admin Moderator. [history]
Until the Department of Health fixed the security hole last week, anyone could easily reset your Healthcare.gov password........
(Excerpt) Read more at politicalticker.blogs.cnn.com ...
bet they have to scrap every piece od data collected
Waoooooo! Nobody saw this coming.
I think a lot of us IT guys went on record as saying that if the site was in that bad of shape, you were playing with your life entering any personal data there. It wasn’t just me.
Just imagine being a hacker and gaining administration privileges on a website that contains every citizen’s ID and banking info and possibly ways to monitor them in real-time. I can’t see a problem with that. Can you? If you do you must be a Tea bagger.../s
They used pegboard for a pattern.
From the “full story”
” The glitch was discovered last week by Ben Simo, a software tester in Arizona. Simo found that gaining access to people’s accounts was frighteningly simple. You could have:
guessed an existing user name, and the website would have confirmed it exists.
claimed you forgot your password, and the site would have reset it.
viewed the site’s unencrypted source code in any browser to find the password reset code.
plugged in the user name and reset code, and the website would have displayed a person’s three security questions (your oldest niece’s first name, name of favorite pet, date of wedding anniversary, etc.).
answered the security questions wrong, and the website would have spit out the account owner’s email address — again, unencrypted.”
I could think of nothing more fitting for Obamacare than if it were to be discovered that Russian hackers made off with the ID’s of every registrant for the last 29 days....
D*mn. The government SHOULD be shut down over this mess.
The list, Ping
Let me know if you would like to be on or off the ping list
NO WONDER CONGRESS AND THEBADMINISTRATION DON’T WANT TO USE IT!
Experts have been saying for weeks (months?) that this was coming. No one should be surprised.
nobama and Sillybus have a real can of worms here.
He-he.
Designed, built and maintained by Incompetence, Inc.
Holy crap! That means the password reset is done client side.
Turns out, I WAS RIGHT!
Progressives, I could have done this website for you for only $50K and been totally secure. Instead we have this ObummerCare which is a Disaster of Epic and Economic proportions.
Obamacare website found amoung massive security holes.
- YOUR CONFIDENTIAL OBAMACARE INFO WAS HACKED IN A FEW MINUTES
READ ON SUCKERS
- IT’S ALL FREEEEEEEEEEE!
- Security hole found in Obamacare website
The NSA could have told them that a year ago.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.