recommended reading

Heartbleed Means HealthCare.gov Users Must Reset Passwords

Northfoto/Shutterstock.com

Federal officials are telling Obamacare website account holders to reset their passwords, following revelations of a bug that could allow hackers to steal data.

Officials earlier in the month said the government's main public sites, including HealthCare.gov, were safe from the risks surrounding Heartbleed -- faulty code recently found in a widely-used encryption tool. 

But, this weekend, the online marketplace's homepage directs users to change their login information.  

"While there’s no indication that any personal information has ever been at risk, we have taken steps to address Heartbleed issues and reset consumers’ passwords out of an abundance of caution," HealthCare.gov states. 

The marketplace uses many layers of protection to secure data and there’s no evidence Heartbleed has been used maliciously against the site, officials added.

When Heartbleed emerged, some security specialists said data flowing on HealthCare.gov could be jeopardized by an underlying Akamai Technologies system that contained the flaw. 

If Akamai was "transferring personal information, then that data would be at risk,” regardless of government security protections, Jerry Irvine, a member of the National Cyber Security Partnership, a public-private organization, said at the time

"If they were using Akamai for services other than direct data input,” such as for hosting photos and other multimedia, “then personal information would not have been at risk,” he said.

Federal officials declined to comment on whether Akamai was handling personal information for HealthCare.gov. 

(Image via Northfoto / Shutterstock.com)

Threatwatch Alert

User accounts compromised

1 Million Online Gaming Accounts Exposed

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.