Slashdot Mirror

Late last month, HealthCare.gov suffered a data breach exposing 75,000 customers. Details were sparse at the time of the breach, but have now learned that hackers obtained "inappropriate access" to a number of broker and agent accounts, which "engaged in excessive searching" of the government's healthcare marketplace systems. TechCrunch reports: [The Centers for Medicare and Medicaid Services (CMS)] didn't say how the attackers gained access to the accounts, but said it shut off the affected accounts "immediately." In a letter sent to affected customers this week (and buried on the Healthcare.gov website), CMS disclosed that sensitive personal data -- including partial Social Security numbers, immigration status and some tax information -- may have been taken. According to the letter, the data included name, date of birth, address, sex, and the last four digits of the Social Security number (SSN), if SSN was provided on the application. Other information could include expected income, tax filing status, family relationships, whether the applicant is a citizen or an immigrant, immigration document types and numbers, employer name, pregnancy status, health insurance status, and more. The government did say that no bank account information was stolen.

Late last month, HealthCare.gov suffered a data breach exposing 75,000 customers. Details were sparse at the time of the breach, but have now learned that hackers obtained "inappropriate access" to a number of broker and agent accounts, which "engaged in excessive searching" of the government's healthcare marketplace systems. TechCrunch reports: [The Centers for Medicare and Medicaid Services (CMS)] didn't say how the attackers gained access to the accounts, but said it shut off the affected accounts "immediately." In a letter sent to affected customers this week (and buried on the Healthcare.gov website), CMS disclosed that sensitive personal data -- including partial Social Security numbers, immigration status and some tax information -- may have been taken. According to the letter, the data included name, date of birth, address, sex, and the last four digits of the Social Security number (SSN), if SSN was provided on the application. Other information could include expected income, tax filing status, family relationships, whether the applicant is a citizen or an immigrant, immigration document types and numbers, employer name, pregnancy status, health insurance status, and more. The government did say that no bank account information was stolen.

The much-discussed health care finance sign-up website HealthCare.gov has benefited from the flurry of improvements that have been thrown at it in the last several weeks. Centers for Medicare and Medicaid spokesman Aaron Albright told Fox News Saturday that "[w]ith the scheduled upgrades last night and tonight, we're on track to meet our stated goal for the site to work for the vast majority of users." CMM spokeswoman Julie Bataille. "said the installation of new servers Friday night helped improved the response times and error rates, even with heavier-than-usual weekend traffic." If you've used the site this weekend, what has your experience been like?

By now, most Americans have either heard or learned firsthand that the Healthcare.gov website doesn't work right. Slings, arrows, and brickbats are being slung all over Washington, and Congressional representatives are busily thundering imprecations at all and sundry who were involved in putting Healthcare.gov together. If there have been any Congressional hearing focusing on how to fix the problems, though, we have not seen them. You'd think that our representatives would bring in people like today's interviewee, Todd Williams, who has written a book titled Rescue the Problem Project and runs a company that specializes in rescuing failed projects. What's more, Todd is just one of many Americans who have helped rescue projects that have gone awry. Hopefully our government has at least one of them working on Healthcare.gov by now, although we haven't heard that they've selected a strong turnaround manager and set him or her to work on the project -- and you'd think they would have told us if they had.

Hugh Pickens DOT Com writes "The WSJ reports that six days into the launch of insurance marketplaces created by the new health-care law, the federal government finally acknowledged that design and software problems have kept customers from applying online for coverage. The website is troubled by coding problems and flaws in the architecture of the system, according to insurance-industry advisers, technical experts and people close to the development of the marketplace. Information technology experts who examined the healthcare.gov website at the request of The Wall Street Journal say the site appeared to be built on a sloppy software foundation and five outside technology experts interviewed by Reuters say they believe flaws in system architecture, not traffic alone, contribute to the problems. One possible cause of the problems is that hitting 'apply' on HealthCare.gov causes 92 separate files, plug-ins and other mammoth swarms of data to stream between the user's computer and the servers powering the government website, says Matthew Hancock, an independent expert in website design. He was able to track the files being requested through a feature in the Firefox browser. Of the 92 he found, 56 were JavaScript files... 'They set up the website in such a way that too many requests to the server arrived at the same time,' says Hancock adding that because so much traffic was going back and forth between the users' computers and the server hosting the government website, it was as if the system was attacking itself. The delays come three months after the Government Accountability Office said a smooth and timely rollout could not be guaranteed because the online system was not fully completed or tested. 'If there's not a general trend of improvement in the next 72 hours of use in this is system then it would indicate the problems they're dealing with are more deep seated and not an easy fix,' says Jay Dunlap, senior vice president of health care technology company EXL."