News

Republicans warn of security flaws in Obamacare website

Republicans warn of security flaws in Obamacare website

HEALTHCARE HANGUPS: Officials hope to enroll more than 2.5 million young Americans in coverage by a March 31 deadline. So far they have signed up only about one-fifth of that number, partly due to early technical glitches at HealthCare.gov. Photo: Associated Press

By David Morgan and Jim Finkle

(Reuters) – Republicans in Congress sought to showcase what they call major security problems with the Obamacare website HealthCare.gov on Thursday, just as U.S. officials ramp up a national campaign to persuade young adults to use the site to enroll in health insurance.

In a public messaging tug-of-war that will likely intensify in coming weeks, the Republican-led House of Representatives targeted the healthcare reform law in three separate oversight hearings. Two were geared toward Republican claims that HealthCare.gov remains vulnerable to hackers more than three months after its botched Oct. 1 rollout.

Democrats accused Republicans of “cherry picking” partial information about the website to try and scare consumers away from it. Later in the day, Obamacare supporters, including federal and state officials, staged a six-hour presentation on YouTube.com intended to drive enrollment among 18-to-34-year-olds.

The administration also disclosed plans for a media promotion campaign during next month’s Winter Olympics in Sochi, Russia, and unveiled 30-second ads with former basketball stars Magic Johnson and Alonzo Mourning.

U.S. officials are eager to boost youth participation, which is widely seen as vital to the success of President Barack Obama’s signature domestic policy achievement.

The administration needs enough young people, who are typically healthier, so that their premiums will help offset costs from older enrollees and prevent insurers from raising their rates.

Officials hope to enroll more than 2.5 million young Americans in coverage by a March 31 deadline. So far they have signed up only about one-fifth of that number, partly due to early technical glitches at HealthCare.gov.

While the performance of the website has greatly improved, the Obama administration is contending with fresh attacks from Republicans eager to highlight the healthcare reform’s flaws, including security questions.

“It seems to defy common sense that a website plagued with functional problems was, in fact, perfectly secure by design,” said Darrell Issa, chairman of the House Oversight and Government Reform Committee, who presided over one of Thursday’s security hearings.

At another Republican-led hearing, a cybersecurity professional warned that the federal government has failed to implement fixes necessary to protect the HealthCare.gov website from hackers.

“HealthCare.gov is not secure today,” David Kennedy, head of computer security consulting firm TrustedSec LLC, told the House Science, Space and Technology Committee.

HealthCare.gov is the consumer web portal to a 36-state federal health insurance marketplace, which offers private insurance, with federally subsidized rates for some consumers. The 14 other states have built their own marketplaces.

Kennedy said “nothing has really changed” since a hearing before the same committee in November when he and three other expert witnesses said they believed the site was not secure and three of them said it should be shut down immediately.

“I don’t understand how we’re still discussing whether the website is insecure or not,” said Kennedy, who worked for the National Security Agency and the U.S. Marine Corps before entering the private sector. “It is insecure – 100 percent.”

Before the hearing, Kennedy told Reuters the government has yet to plug more than 20 vulnerabilities that he and other security experts reported to the government shortly after HealthCare.gov went live on October 1. Hackers could steal personal information, modify data, attack the personal computers of website users and damage the infrastructure of the site, Kennedy said in an interview.

The Centers for Medicare and Medicaid Services (CMS), the federal agency responsible for HealthCare.gov, said in a statement to Reuters, “There have been no successful security attacks on Healthcare.gov and no person or group has maliciously accessed personally identifiable information from the site.”

CMS said Kennedy’s methodology undermined his findings: “Because this individual had no direct access to the operations of the HealthCare.gov website, the information in the report is based on assumptions, not fact.”

The agency’s information security chief also publicly tried to reassure lawmakers that the site is safe.

The CMS chief information security officer, Teresa Fryer, said the website underwent end-to-end security testing on Dec. 18 and met all industry standards.

“The (federal marketplace) is secure. In many instances, we have gone above and beyond what is required, with layered protection, continuous monitoring and additional penetration testing,” Fryer said before the House Oversight panel.

Democratic Representative Elijah Cummings charged that Republicans were “cherry-picking partial information to promote a narrative that is inaccurate” about the Obamacare website, when its security was “strong and keeps getting stronger”.

Instead of holding ever more hearings on the Obamacare website, lawmakers should be looking into the massive data breach affecting millions at Target Corp, Cummings said at the hearing where CMS’s Fryer appeared.

As the hearings took place, Republicans sought to amplify their anti-Obamacare message by advancing another bill to tweak the law. The legislation, which passed by a 259-154 vote, would require the Obama administration to issue weekly enrollment statistics.

The White House considers the transparency bill another Republican attempt to harass implementation of its healthcare reform. However, 33 Democrats voted for the bill. Last week, the House passed a Republican measure that would require the government to notify consumers in two days if their personal information on HealthCare.gov has been compromised.

(Additional reporting by Susan Cornwell, Doina Chiacu and Bill Trott in Washington; Editing by Karey Van Hall and Leslie Adler)

Recent Headlines

in Sports

The latest on the FIFA scandal

Two men talk to each other in front of the FIFA logo at the FIFA headquarters in Zurich, Switzerland, Wednesday, May 27, 2015. Swiss prosecutors opened criminal proceedings into FIFA's awarding of the 2018 and 2022 World Cups, only hours after seven soccer officials were arrested Wednesday pending extradition to the U.S. in a separate probe of "rampant, systemic, and deep-rooted" corruption.

Former FIFA vice president Warner leaves jail in ambulance plus UN reviewing FIFA partnerships amid corruption scandal and Blatter call the corruption cases shame, humiliate soccer.

in Sports

Adrian Peterson vents on Twitter about honoring contract

In this Aug. 16, 2014, photo, Minnesota Vikings running back Adrian Peterson (28) warms up before a NFL preseason football game against the Arizona Cardinals in Minneapolis.Millions of people using the top three fantasy football platforms have generated three different answers to the question of that top draft pick. Yahoo says LeSean McCoy of Philadelphia. ESPN says Adrian Peterson. CBS Sports says it’s Jamaal Charles of Kansas City.

Adrian Peterson took to Twitter on Thursday to express his frustration over criticism he is receiving while staying away from the voluntary portion of the Minnesota Vikings offseason.

in Sports

Day 5 of the French Open: Both No. 1’s advance

Serena Williams of the U.S. volleys the ball to Germany's Anna-Lena Friedsam during their second round match of the French Open tennis tournament at the Roland Garros stadium, Thursday, May 28, 2015 in Paris. Williams won 5-7, 6-3, -6-3.

Both Serena Williams and Rafael Nadal advance to the third round at Roland Garros.

in Sports

Chicago Bulls fire coach Tom Thibodeau, cite lack of trust

Chicago Bulls head coach Tom Thibodeau reacts during the second half of Game 1 against the Cleveland Cavaliers in a second-round NBA basketball playoff series Monday, May 4, 2015, in Cleveland. The Bulls won 99-92.

Fired Chicago Bulls coach Tom Thibodeau has thanked the Bulls and the city and says he looks forward to future opportunities.

in Sports

Broncos left tackle Clady tears ACL, likely out for season

Denver Broncos offensive tackle Ryan Clady (78) smiles on the sideline during the fourth quarter of an NFL football game against the Oakland Raiders in Oakland, Calif., Sunday, Nov. 9, 2014. The Broncos won 41-17.

Broncos left tackle Ryan Clady has torn his left ACL and will likely miss the season, leaving Denver to search for someone to protect Peyton Manning's blind side.

Bellingham Traffic