Healthcare.gov users told to change passwords due to Heartbleed

Healthcare.gov users told to change passwords due to Heartbleed risk

Posted: Updated:
  • Arizona HeadlinesMore>>

  • Businesses named ISIS debate name change over terror group

    Businesses named ISIS debate name change over terror group

    When you hear the name ISIS the terror group, and it's violent and ruthless acts come to mind. But ISIS is also the name used by hundreds of businesses across the country including some in the valley.
    When you hear the name ISIS the terror group, and it's violent and ruthless acts come to mind. But ISIS is also the name used by hundreds of businesses across the country including some in the valley.
  • Bullhead City Police searching for missing 8-year-old girl

    Bullhead City Police searching for missing 8-year-old girl

    Police in Bullhead City are receiving help from the FBI and the National Center for Missing Exploited children after a child went missing early Tuesday morning.Authorities are searching for 8-year-old Isabella Grogan-Cannella, who was last seen wearing a green tank top and dark colored shorts.
    Police in Bullhead City are receiving help from the FBI and the National Center for Missing Exploited children after a child went missing early Tuesday morning.Authorities are searching for 8-year-old Isabella Grogan-Cannella, who was last seen wearing a green tank top and dark colored shorts.
  • 11-year-old boy shot in Queen Creek

    11-year-old boy shot in Queen Creek

    According to authorities with the Pinal County Sheriff's Office, an 11 year-old boy was shot in the head in Queen Creek.Deputies responded to the home near Hunt Highway Bella Vista Tuesday evening.The boy was airlifted to a hospital, he was reported to be breathing.
    According to authorities with the Pinal County Sheriff's Office, an 11 year-old boy was shot in the head in Queen Creek.Deputies responded to the home near Hunt Highway Bella Vista Tuesday evening.The boy was airlifted to a hospital, he was reported to be breathing.
Users of the federal heath care exchange site have been advised to change their passwords this weekend after the Obama administration reviewed the government's vulnerability to the Heartbleed Internet security bug. 

Senior administration officials told the Associated Press that there was no indication that the HealthCare.gov site had been compromised and the action is being taken out of an abundance of caution. The government's Heartbleed review is ongoing, the officials said, and users of other websites may also be told to change their passwords in the coming days, including those with accounts on the popular WhiteHouse.gov petitions page.

"HealthCare.gov uses many layers of protections to secure your information," a message on the website said Saturday. "While there’s no indication that any personal information has ever been at risk, we have taken steps to address Heartbleed issues and reset consumers’ passwords out of an abundance of caution."

The Heartbleed programming flaw has caused major security concerns across the Internet and affected a widely used encryption technology that was designed to protect online accounts. Major Internet services have been working to insulate themselves against the problem and are also recommending that users change their website passwords.

Officials said the administration was prioritizing its analysis of websites with heavy traffic and the most sensitive user information. 

The health care website became a prime target for critics of the Obamacare law last fall when the opening of the insurance enrollment period revealed widespread flaws in the online system. Critics have also raised concerns about potential security vulnerabilities on a site where users input large amounts of personal data.

The website troubles were largely fixed during the second month of enrollment and sign-ups ultimately surpassed initial expectations. Obama announced this week that about 8 million people had enrolled in the insurance plans.

The full extent of the damage caused by the Heartbleed is unknown. The security hole exists on a vast number of the Internet's Web servers and went undetected for more than two years. Although it's conceivable that the flaw was never discovered by hackers, it's difficult to tell.

The White House has said the federal government was not aware of the Heartbleed vulnerability until it was made public in a private sector cybersecurity report earlier this month. The federal government relies on the encryption technology that is impacted -- OpenSSL -- to protect the privacy of users of government websites and other online services.

The Homeland Security Department has been leading the review of the government's potential vulnerabilities. The Internal Revenue Service, a widely used website with massive amounts of personal data on Americans, has already said it was not impacted by Heartbleed.

"We will continue to focus on this issue until government agencies have mitigated the vulnerability in their systems," Phyllis Schneck, DHS deputy undersecretary for cybersecurity and communications, wrote in a blog post on the agenda website. "And we will continue to adapt our response if we learn about additional issues created by the vulnerability."

Officials wouldn't say how government websites they expect to flag as part of the Heartbleed security review, but said it's likely to be a limited number. The officials insisted on anonymity because they were not authorized to discuss the security review by name.

The Associated Press contributed to this report.


Didn't find what
you were looking for?

Powered by WorldNow

4739 NW 53rd Avenue, Sutie B
Gainesville, FL 32653

Phone: (352) 371-0051

Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | New Terms of Service What's new | Ad Choices