You are currently viewing the printable version of this article, to return to the normal page, please click here.

Hacking expert David Kennedy says he cracked HealthCare.gov in 4 minutes

- The Washington Times - Sunday, January 19, 2014

The man who appeared before Congress last week to explain the security pitfalls of HealthCare.gov took to Fox News on Sunday to explain just how easy it is to penetrate the website.

Hacking expert David Kennedy told Fox's Chris Wallace that he determined he could gain access to 70,000 personal records of Obamacare enrollees via HealthCare.gov within about 4 minutes — and it required nothing more than a standard browser, the Daily Caller reported.

"And 70,000 was just one of the numbers that I was able to go up to and I stopped after that," he said. "You know, I'm sure it's hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, it's just wide open."

"You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself," he said.

Mr. Kennedy testified before Congress Thursday that HealthCare.gov was "100 percent" insecure, Washington Free Beacon reported.

"What we learned was that they had rushed through what we call the software development life cycle where they actually build the application," he said on Fox.

"So when you do that, security doesn't really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didn't imbed any security into it."

"It's not just myself that's saying this website is insecure, it's also seven other independent security researchers that also looked at the research I've done and came to the exact same conclusion," he said.

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.