Report: Healthcare.gov Hit With More Than 300 Cyber Attacks in Less Than Two Years
Online healthcare portal fended off 316 attacks
A recent report from the U.S. Government Accountability Office (U.S. GAO) detailed how Healthcare.gov fought off more than 300 cyber incidents in about 18 months.
The online portal for the federal health insurance marketplace, along with supporting systems, reported 316 security-related incidents between October 2013 and March 2015. Data was provided by the Centers for Medicare & Medicaid Services (CMS) and reported by the GAO.
No breaches identified
Despite the large number of reported incidents, there was no evidence that any outside hacker obtained access to sensitive data like personally identifiable information, the GAO noted. The majority of attacks were termed as “electronic probing of CMS systems by potential attackers.”
— U.S. GAO (@USGAO) March 23, 2016
The GAO identified weaknesses in processes and controls that serve to protect data, including issues with administrator privileges, security patch holes, and insecure configurations.
Because of the discovery of these weaknesses, the GAO recommended that the CMS examine “procedures for overseeing the security of state-based marketplaces.”
Additionally, the GAO urged uninterrupted monitoring of the security of the online marketplace.
Source → U.S. GAO