IE 11 is not supported. For an optimal experience visit our site on another browser.

Misplaced ire over healthcare.gov 'hack'

The right is worked up about an alleged "hack" of healthcare.gov. A closer look reveals that the story is based on practically nothing.
A man looks over the Affordable Care Act signup page on the HealthCare.gov website.
A man looks over the Affordable Care Act (commonly known as Obamacare) signup page on the HealthCare.gov website in New York, October 2, 2013.
By Steve Benen, Steve Benen
Back in January, Fox News, The Daily Caller, the Washington Times, and other conservative media seemed pretty worked up about an alleged security vulnerability in healthcare.gov. With a standard web browser, conservatives said, someone could access 70,000 personal records belonging to consumers who enrolled through the ACA system -- after just four minutes of effort.
 
It wasn't long before the reports were completely discredited. The security vulnerability didn't actually exist.
 
Apparently, it's time for Round Two.

The HealthCare.gov insurance portal succumbed to a cyberattack this summer, the government said Thursday, prompting an eruption of GOP finger-pointing and demands for hearings into the administration's security policies for the site, where millions of Americas have registered to purchase insurance. [...] "Today's news that HealthCare.gov was hacked should come as a surprise to no one," said Sen. Orrin Hatch (R-Utah). "Despite numerous warnings from myself and other lawmakers that security breaches were possible, HealthCare.gov underwent virtually no independent security testing.... It's yet another deeply disturbing failure of the president's health law, and once again it is the American people who are bearing the brunt of the law's failures."

House Oversight Committee Chairman Darrell Issa (R-Calif.) claimed that the site "suffered" a "malicious attack."
 
If the Republican concerns were in any way connected to reality, this would certainly be a legitimate concern. Fortunately, as was the case in January, the GOP's apoplexy is based on fantasy, and this latest uproar is about as legitimate as the right's other complaints about "Obamacare."
 
Let's run through the basics to help Hatch, Issa, and others get the facts straight.
 
Was healthcare.gov hacked? Not really. A test server was uploaded with "denial of service" malware -- a practice "so common that it's attempted 28 different times every hour." The healthcare.gov site itself was unharmed.
 
Was healthcare.gov specifically targeted? No. Was any consumer information compromised? No. Was any data transmitted? No. Was there an attempt to steal data? No. Was the website knocked offline? No.
 
So why is it, exactly, that conservatives are using this opportunity to whine? Because, even now, the right still loves complaining about the Affordable Care Act, without much regard for whether their complaints make sense.
 
As for Hatch's claim the healthcare.gov "underwent virtually no independent security testing," the use of the word "virtually" is pretty amazing . In reality, the site went through extensive end-to-end security testing and passed "with flying colors." Perhaps Hatch forgot these pesky details when responding to the latest non-story yesterday.
 
Republicans don't have to like the ACA, but that's no reason to mislead the public about the integrity of the system.