HealthCare.gov security again under scrutiny by politicians

By Jim Finkle and Doina Chiacu BOSTON/WASHINGTON (Reuters) – A cybersecurity professional warned that the U.S. government failed to implement fixes to protect the HealthCare.gov website from hackers at a congressional hearing that Democratic lawmakers claimed was politically motivated. “HealthCare.gov is not secure today,” David Kennedy, head of computer security consulting firm TrustedSec LLC, said at a Thursday hearing of the House Science, Space and Technology Committee. It’s not a question of whether or not its insecure, it’s what we need to do to fix it.” Before the hearing, Kennedy told Reuters the government has yet to plug more than 20 vulnerabilities that he and other security experts reported to the government shortly after HealthCare.gov went live on October 1. Hackers could steal personal information, modify data or attack the personal computers of the website’s users, he said.