Testimony from Henry Chao, deputy chief information technology officer at CMS, underscored the laundry list of ObamaCare website problems, including the security of HealthCare.gov.
But Chao dropped a bombshell when he testified that up to 40 – 60 percent of IT systems supporting the exchange on the site still needed to be built. “It’s not that it’s not working,” Chao told lawmakers at an Energy and Commerce Oversight and Investigations subcommittee hearing. “It’s still being developed and tested.”
Chao wasn’t the only HealthCare.gov official in the hot seat today. During the testimony heard in front of the House Science, Space and Technology Committee, all of the witnesses were forced to admit that Americans’ personal, private information is not safe on the federal “exchange,” HealthCare.gov.
“Given the testimony we have heard today, there is only one reasonable course of action. Mr. President, take down this website,” Congressman Lamar Smith, Texas Republican and chairman of the committee said during a separate hearing that added security to the list of ObamaCare website problems.
But for some Americans, these revelations weren’t a surprise, at all.
Friday evening, Tom Dougall of South Carolina had a voicemail from a total stranger. Justin, a man in North Carolina, said he received a document on HealthCare.gov with Dougall’s personal information. “Initially, I was concerned because I didn’t know if this was some guy who was scamming me or if in fact this was a guy who really had my personal information,” Dougall said in an interview with the Heritage Foundation.
Dougall immediately contacted WMBF News in Myrtle Beach, South Carolina, and then Senators Lindsey Graham (R-SC) and Tim Scott (R-SC), along with Representative Joe Wilson (R-SC). After getting in touch with Justin Hadley, whose story first broke on Heritage’s “The Foundry” over the weekend, Dougall found out that Hadley had received a notice about his marketplace eligibility with downloadable letters addressed to Dougall.
“I want my personal information off of that website,” Dougall said.
But there is no way for Dougall and other users of HealthCare.gov to turn back the clock, and Rep. Tim Murphy R-PA, was worried about Americans who cannot secure already compromised private information, and there is no telling how many other Americans may have been compromised as Dougall was.
“Right now, healthcare.gov screams to those who are trying to break into the system, ‘If you like my health care info, maybe you can steal it,’” he said at the end of the hearing on the security of HealthCare.gov.
Henry Chao told Rep. Murphy and the committee that the federal portal has not been “successfully” hacked, and that the system is safe to use. Clearly Mr. Dougall would disagree with that assessment, but he wouldn’t be alone.
David Kennedy, a “white hat hacker” who also testified at the House Science, Space, and Technology Committee hearing Tuesday, said to Greta Van Susteren during “On the Record” that the agency’s estimate the website had been hacked 16 different times seems very low to him.
“I think that that shows that there’s little to no monitoring so they probably don’t even know if they’re getting hacked right now,” Kennedy said.
Kennedy said that it is common for most websites to receive upwards of 30,000 to 40,000 various types of hacker attacks in one month, alone.
“Something as popular as HealthCare.gov is going to exhibit a lot more than that,” he said, “so if they’re only seeing 16 of these it means that a lot of those are going undetected, and they’ve probably already gotten access to the site or are working on getting access to the site.”
The administration was downplaying November expectations for fixes to the many ObamaCare website problems, and now we know why. Kennedy also said that it would be “impossible” for the many ObamaCare website problems to be ironed out in a few weeks, let alone ensure the safety of users’ information.
