The news media this week has been rife with stories about how much the HealthCare.gov website has improved since its disastrous October launch. But the site still has weaknesses that could be exploited by cybercriminals.
David Kennedy, a noted security expert and CEO of TrustedSec, this week wrote on the company's website that "a number of undisclosed exposures have still not been addressed and exist today." He went on to say that HealthCare.gov "continues to incorporate poor security practices and should be addressed as soon as possible."
Kennedy testified before the House Committee on Science, Space and Technology Nov. 19 that his analysis of the HealthCare.gov website uncovered dozens of holes that could potentially be used to gain access to user data.