The Corner

Unsafe at Any Web Speed: Intel Chairs Say Take Down Healthcare.gov

When the Democratic and Republican chairmen of the congressional intelligence commitees both agree that HealthCare.gov, Obamacare’s version of Internet Hell, should be taken down for security reasons, it’s time to pay attention.

Democrat Dianne Feinstein, who has chaired the Senate Intelligence Committee for the last five years, startled Bob Schieffer on CBS’s Face the Nation today when she said, “I felt and I said this directly to the president’s chief of staff, that they ought to take down the website until it was right. They believe that they need to keep it running and that they can sort out the difficulties.” One way to interpret that is that the political survival of President Obama’s signature achievement takes precedence over the cybersecurity of all Americans. As I wrote last month, the White House has shown an astonishing lack of concern for Obamacare’s security vulnerabilities.

Her House counterpart, GOP representative Mike Rogers of Michigan, concurred: “They need to take the site down, stabilize it, meaning they can’t continue to add code every week, and then they need to stress test the system. Unfortunately, Bob, none of that has happened. And they admit it’s going to take six months. . . . . That is unacceptable for the protection of privacy of Americans’ information.”

Both members have had private briefings on the security weaknesses of Healthcare.gov. What’s public is bad enough: A September 27 memo by government officials to Medicare chief Marilyn Tavenner said security testing of all the component parts of the site hadn’t been finished as part of an integrated system. “From a security perspective, the aspects of he system that were not tested due to the ongoing development, exposed a level of uncertainty that can be deemed as a high risk for the [website].” The site was allowed to open with only a temporary security certificate, rather than the full one that is normally issued.

The administration insists Healthcare.gov is secure. Last week, Health and Human Services spokesman Joanne Peters insisted that applicants “can trust the information they’re providing is protected by stringent security standards and that the technology underlying the application process has been tested and is secure.”

So which version is closer to reality? Ask Justin Hadley, a North Carolina man who saw Blue Cross cancel his individual policy in September and send him to Healthcare.gov. As the Heritage Foundation reports, when he finally made it past the registration page last Thursday, he was greeted with copies of letters confirming the eligibility for health insurance addressed to two real individuals from South Carolina. “If I have their information, then who else has my information now?” he asks.

The federal data hub that processes the information used to determine eligibility for Obamacare’s subsidies is the only part of the Obamacare site that seems to be working well. “The bad news,” as I wrote last month, ”is that because the data hub is the largest consolidation of personal data in our nation’s history, it will become a magnet for identity thieves.”

Many experts, along with Senator Feinstein and Representative Rogers, worry about the same thing. Michael Astrue, who was commissioner of Social Security until February of this year, issued this warning last month.

“[The Department of Health and Human Services] opened the door to large-scale fraud by providing funding for tens of thousands of ‘navigators’ — people who are supposed to persuade the uninsured to apply for coverage and then assist them in the application process. Instead of hiring well-screened, well-trained, and well-supervised workers, HHS decided to build political support for the Affordable Care Act by pouring money into supportive organizations so they could launch poorly trained workers into their communities without obtaining criminal background checks or creating systems for monitoring their activities,” he wrote in The Weekly Standard. “As a practical matter, these navigators are unaccountable, and yet they will be asking people for Social Security numbers and other sensitive information. It will not take long for navigators to become predators, and HHS has no plan to deal with the new breed of predators it is creating.”

So the threats to the privacy of Americans come both from badly written code that’s an potential invitation to computer hackers and from thousands of unscreened “navigators” who will have access to private information. Isn’t it time to sound a four-alarm siren over this danger, like the kind that often sits atop the Drudge Report? We can’t say we haven’t been warned. 

Most Popular

Film & TV

A Sad Finale

Spoilers Ahead. Look, I share David’s love of Game of Thrones. But I thought the finale was largely a bust, for failings David mostly acknowledges in passing (but does not allow to dampen his ardor). The problems with the finale were largely the problems of this entire season. Characters that had been ... Read More
Politics & Policy

The Great Misdirection

The House Democrats are frustrated, very frustrated. They’ve gotten themselves entangled in procedural disputes with the Trump administration that no one particularly cares about and that might be litigated for a very long time. A Washington Post report over the weekend spelled out how stymied Democrats ... Read More
World

Australia’s Voters Reject Leftist Ideas

Hell hath no fury greater than left-wingers who lose an election in a surprise upset. Think Brexit in 2016. Think Trump’s victory the same year. Now add Australia. Conservative prime minister Scott Morrison shocked pollsters and pundits alike with his victory on Saturday, and the reaction has been brutal ... Read More
NR Webathon

We’ve Had Bill Barr’s Back

One of the more dismaying features of the national political debate lately is how casually and cynically Attorney General Bill Barr has been smeared. He is routinely compared to Roy Cohn on a cable-TV program that prides itself on assembling the most thoughtful and plugged-in political analysts and ... Read More
Film & TV

Game of Thrones: A Father’s Legacy Endures

Warning! If you don't want to read any spoilers from last night's series finale of Game of Thrones, stop reading. Right now. There is a lot to unpack about the Thrones finale, and I fully understand many of the criticisms I read on Twitter and elsewhere. Yes, the show was compressed. Yes, there were moments ... Read More