Slashdot Mirror


Hackers Break Into HealthCare.gov

mpicpp is one of many to point out that hackers broke into the HealthCare.gov website in July and uploaded malicious software. "Hackers silently infected a Healthcare.gov computer server this summer. But the malware didn't manage to steal anyone's data, federal officials say. On Thursday, the Health and Human Services Department, which manages the Obamacare website, explained what happened. And officials stressed that personal information was never at risk. 'Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted,' HHS spokesman Kevin Griffis said. But it was a close call, showing just how vulnerable computer systems can be. It all happened because of a series of mistakes. A computer server that routinely tests portions of the website wasn't properly set up. It was never supposed to be connected to the Internet — but someone had accidentally connected it anyway. That left it open to attack, and on July 8, malware slipped past the Obamacare security system, officials said."

4 of 150 comments

  1. Jesus wept, will people never learn? by Anonymous Coward · Score: 5, Insightful

    A computer server that routinely tests portions of the website wasn't properly set up. It was never supposed to be connected to the Internet — but someone had accidentally connected it anyway.

    How, in this day and age, does this kind of stupid shit keep happening? How are network admins not creating L2 & L3 separations in the network, with internal firewalls and IDS? How are operations engineers not building local firewalls on machines, and locking down through security policies?

    This isn't 1994 any more, people. Hand-crafted individual artisanal servers, personally wrapped in cotton wool and hand reared by the friendly neckbeard, are not how things should be done at scale in this day and age.

  2. So that brings the successful login count to.... by erp_consultant · Score: 5, Funny

    exactly one :-D

  3. Re:Yep. by HornWumpus · Score: 4, Insightful

    Confession: I just actually RTFA. Don't ban me.

    Evidence the attack hadn't proceeded? That the 'attack tools' were sitting there, waiting for the command.

    So someone broke in and left a bunch of 'hacker tools' lying around a directory and listening on a port as a service?

    Wouldn't the last step of a successful attack be to clean up all traces, run defrag, then perhaps install a fresh copy of BO? Just in case someone changes the password before you come back.

    How would you know the difference between a successful raid and an aborted one? Could you give a quick answer? If you needed to search logs to even start answering but the PHB was breathing down your neck what would you say? What other servers would you even start on? What OSs are they using? What skeletons have they already hidden? Database? Read only? Did anybody 'SELECT * FROM *' lately?

    Just how good can the logging/intrusion detection be? They let a local login loose.

    --
    John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
  4. Re:Yep. by trout007 · Score: 4, Insightful

    The difference is people voluntarily give data to these companies, whereas you are forced to give information to Healthcare.gov. It would be the same as if the IRS was hacked.

    --
    I love Jesus, except for his foreign policy.