A recent federal audit has found that the government stored the personal data of millions of individuals who purchased insurance through Healthcare.gov on a system with cybersecurity flaws.

According to the inspector general at the Department of Health and Human Services, Healthcare.gov’s $110 million digital repository known as MIDAS, used to store personal information including names, Social Security numbers, passport numbers, and financial and employment information for exchange customers, failed to “encrypt user sessions, which is common practice for most online financial transactions.”

Additionally, those tasked with overseeing the website failed to perform basic system scans to look for vulnerabilities on the websites servers. The audit also found “135 database vulnerabilities — such as software bugs — 22 of which were classified as ‘high-risk.’ Sixty-two of the flaws were classified as medium risk.”

Leave a Reply

You must be logged in to post a comment.