• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

InfoSec News

  • Home
  • Subscribe to InfoSec News
  • Contact Us
  • Advertising
  • Privacy
  • About

HealthCare.gov Server Compromised by Hackers

July 26, 2018 By William Knowles

spies-like-us

By William Knowles @c4i
Senior Editor
InfoSec News
September 5, 2014

Unknown hackers breached a test server with malware on a Health and Human Services (HHS) site that supports the Obamacare insurance website HealthCare.gov

The commonplace malware was designed to launch “denial of service” attacks against other websites, HHS said, and there is no evidence any consumers’ personal information was sent to an external IP address. The attack did not appear to directly target HealthCare.gov, and the server that was targeted did not contain any consumers’ personal information.

The Wall Street Journal reports that the server was connected to more sensitive parts of the website that had better security protections, the officials said. That means it would have been possible, if difficult, for the intruder to move through the network and try to view more protected information, an official at the Department of Health and Human Services said. There is no indication that happened, and investigators suspect the hacker didn’t intend to target a HealthCare.gov server.

Washington officials said they are concerned an intruder gained access to the HealthCare.gov network through a basic security flaw. The server had low-security settings because it was never meant to be connected to the Internet, the HHS official said. When the hacker broke in, it was only guarded by a default password, which often is easy to crack.

It should be noted that the Department of Health and Human Services in the 2014 Annual Report to Congress on the Federal Information Security Management Act [PDF] scored only 43% in 2014 down from 50% in 2013.

Screenshot_2014-09-05-04

Filed Under: News Tagged With: ACA, Cyber Crime, DDoS, FISMA, Hacker, Hacking, HHS, HIPAA, HITECH, InfoSec, Malware, Obamacare, Passwords, PII, Security

Primary Sidebar

InfoSec News Stock Ticker

Ticker Tape by TradingView

Latest Tweets from InfoSec News

Tweets by @InfoSecNews_

Popular Tags

Business Continuity CEH China Citizenfour COVID-19 COVID19 Crypto Cryptography Cyberattack Cybercrime Cyber Crime CyberCyberCyber Cybersecurity Data Breach Disaster Recovery DoD EC-Council Edward Snowden Encryption Espionage FBI FISMA Google Hacker Hackers Hacking InfoSec InfoSecNews InfoSec News Intelligence Jay Bavisi Malware Microsoft NSA OPSEC Passwords PII Ransomware Russia Security SnowdenWatch SSN USCYBERCOM Wolfking Awesomefox XSS

Upcoming Events

  1. Black Hat USA 2020

    August 1 - August 6
  2. DEF CON Safe Mode

    August 6 - August 9
  3. THOTCON 0xB

    September 11 - September 12

View All Events

RSS PacketStorm Security Advisories

  • Ubuntu Security Notice USN-4442-1
  • Gentoo Linux Security Advisory 202007-58
  • Gentoo Linux Security Advisory 202007-57
  • Gentoo Linux Security Advisory 202007-56
  • Gentoo Linux Security Advisory 202007-55
  • Gentoo Linux Security Advisory 202007-54
  • Gentoo Linux Security Advisory 202007-53
  • Gentoo Linux Security Advisory 202007-52
  • Red Hat Security Advisory 2020-3194-01
  • Red Hat Security Advisory 2020-3192-01

RSS National Vulnerability Database

  • CVE-2020-6098
  • CVE-2020-13971
  • CVE-2020-13970
  • CVE-2020-11474
  • CVE-2020-11476
  • CVE-2020-13997
  • CVE-2020-10982
  • CVE-2020-10983
  • CVE-2020-10984
  • CVE-2020-10985

Archives

  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • October 2019
  • September 2019
  • August 2019
  • June 2019
  • April 2019
  • March 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • August 2018
  • July 2018

Copyright © 2020 · News Pro on Genesis Framework · WordPress · Log in