The latest possible healthcare.gov disaster and how it impacts Ohio Health Insurance applicants

 BuyerBewareBlog

Due to the Heartbleed security flaw, users who purchased Ohio health insurance on Healthcare.gov have been asked to change their passwords, as a means of protection as analysts report that Healthcare.gov and the information stored within it is a target for cyber criminals.

This past Saturday an alert was sent out to all users who enrolled in Ohio health insurance, bringing their attention to the security risk to their personal information. While Healthcare.gov itself does not store medical records or payment information, government officials are reassuring users that they are taking extra security precautions to protect their all information contained within the website.

  The Heartbleed bug, which was discovered in early April by researchers at Google, is found in open source software that many companies such as Amazon, eBay and Yahoo use to encrypt private information such as passwords and credit card information.

However, industry experts have stated that they are far more concerned about attacks on the federal health exchange because they have seen a drastic rise in identify theft via stolen medical information since 2010.

            One of the main concerns with Healthcare.gov security is that the website is in the middle of a major transition to new servers, leaving it and users information vulnerable to attacks. While the two companies involved in the transition, Verizon and Hewlett Packard, are the top in the industry, experts in cyber security say there are security risks anytime data is moved, especially when human error, mistakes and technical glitches are taken into account.

Their main concern for Healthcare.gov is that it is a “clearinghouse” of private information from Ohio health insurance enrollees. Containing personal information that outnumbers other sites 10 to 1, cyber criminals may see it as the best investment of their time when it comes to hacking.

email
function init() { var vidDefer = document.getElementsByTagName('iframe'); for (var i=0; i