Hackers Breach Obamacare Website, Info on 75,000 Compromised


Apparently, $2.1 billion wasn’t enough to ensure that the Obamacare website was hack-proof.

According to a statement last week from The Centers for Medicare and Medicaid Research, they were “responding to suspicious activity in agent and broker exchanges portal.”

What does that mean? Essentially, data on 75,000 individuals was compromised.

“Earlier this week, CMS staff detected anomalous activity in the Federally Facilitated Exchanges, or FFE’s Direct Enrollment pathway for agents and brokers. The Direct Enrollment pathway, first launched in 2013, allows agents and brokers to assist consumers with applications for coverage in the FFE,” the statement said.

“At this time, we believe that approximately 75,000 individuals’ files were accessed. While this is a small fraction of consumer records present on the FFE, any breach of our system is unacceptable.”

Gold Medalist Withdraws from Olympics After Horrifying Video Takes Internet by Storm

Well, yes, it should be. The Federally Facilitated Exchanges are part of the constellation of websites. In 2014, a year after the exchanges first went up, they were estimated to cost an astounding $2.1 billion — and even then, they appeared to have more bugs than an Indonesian rainforest.

“It’s been about a year since Obamacare’s marketplace launched for the first time. After all of the technical glitches, massive repair efforts and major contractor shakeups, the government has struggled to nail down exactly how much it has spent on the website,” The Fiscal Times reported at the time.

“In a federal audit released this week, the Health and Human Services Department Inspector General said obtaining financial information on was ‘difficult and time consuming.’ The IG even said that it ‘could not determine the reliability of most of the amounts’ that the agencies had provided.”

While the Obama administration put estimates regarding the cost of the website at a little under a billion dollars, Bloomberg found the number was well over double that amount.

Should the Obamacare website have better security?

The Office of the Inspector General would later peg the website’s cost at only $1.7 billion, still a bit more than double what the Obama administration said it was.

If you think that looks bad, consider the original estimated cost for the Canadian firm CGI Group to design the website was just $93.7 million.

Yes, 75,000 may be a small percentage of the number of people in the system, but it’s still a fairly major breach when you consider the sensitivity of the information contained therein.

“Our No. 1 priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” CMS Administrator Seema Verma said.

“I want to make clear to the public that and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”

Chuck Schumer Tries to Drum Up Enthusiasm for Kamala Harris but Gets Brutal Response When He Asks for Applause

If only they had the resources to prevent something like this — say, billions of dollars of government funding. At least they acted quickly, though, right?

Well, it depends on what you mean by quickly.

“CMS began the initial investigation of anomalous system activity in the Direct Enrollment pathway for agents and brokers on Oct. 13, 2018 and a breach was declared on Oct. 16, 2018,” the statement said. “The agent and broker accounts that were associated with the anomalous activity were deactivated, and — out of an abundance of caution — the Direct Enrollment pathway for agents and brokers was disabled. We are working to address the issue, implement additional security measures, and restore the Direct Enrollment pathway for agents and brokers within the next seven days.”

In other words, three days passed between the initial investigation and a breach being declared. Given the tools available to web security experts, this doesn’t exactly reek of efficiency.

That, regrettably, puts this episode right in line with the rest of our experience.

Truth and Accuracy

Submit a Correction →

We are committed to truth and accuracy in all of our journalism. Read our editorial standards.

, , , ,
C. Douglas Golden is a writer who splits his time between the United States and Southeast Asia. Specializing in political commentary and world affairs, he's written for Conservative Tribune and The Western Journal since 2014.
C. Douglas Golden is a writer who splits his time between the United States and Southeast Asia. Specializing in political commentary and world affairs, he's written for Conservative Tribune and The Western Journal since 2014. Aside from politics, he enjoys spending time with his wife, literature (especially British comic novels and modern Japanese lit), indie rock, coffee, Formula One and football (of both American and world varieties).
Morristown, New Jersey
Catholic University of America
Languages Spoken
English, Spanish
Topics of Expertise
American Politics, World Politics, Culture