Late Wednesday night, tweeters and bloggers discovered that among the many problems of the Obamacare website, an apparent lapse in security allows anyone to peruse a back-end healthcare.gov website that provides the names, addresses, and phone numbers of hundreds of Obamacare navigators. It does not appear that the website was intended for viewing by members of the general public. The blog Weasel Zippers reported on the existence of the possible security lapse last night.
@JohnEkdahl I think it includes the list of navigators and all the insurance plans… along with med loss records, etc… Lots to browse.
— Jay (@brutus_jay) October 23, 2013
October 23, 2013 1235a EDT Security breach for http://t.co/QvDJLXtarh that has lit up Twitter. Is anyone reading tweets @ .gov closing it?
— Jim Bowden (@bowdenj) October 23, 2013
https://twitter.com/sschubart/status/392872814392254464
https://twitter.com/DefendWallSt/status/392872112194465792
https://twitter.com/DefendWallSt/status/392867735589232640
We all knew that http://t.co/YWGkiPGEf5 was a hacking risk, but not that "hacking" just meant guessing the right URL: http://t.co/8QllczkJfj
— Leslie ن (@LADowd) October 23, 2013
It seems as if “hacking” the Obamacare website is easier than anyone thought.
Update, 6:50 am ET:
Based on a quick comparison of five random database entries, the “security lapse” database displays the same data that are in this publicly searchable database. At this point Twitchy has been unable to confirm that any non-public navigator information has been disclosed. We will continue to investigate.
Join the conversation as a VIP Member