The healthcare portal used to sign up for Obamacare was hit by 316 cyberattacks in less than 18 months, according to a report published on Wednesday.
The “majority” of incidents were probative in nature, according to the study by the General Accountability Office. The agency defines probing as any “activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit.”
Related Story: http://www.washingtonexaminer.com/article/2583035
None of the attacks resulted in a loss of sensitive data, according to investigators, though 41 of the incidents involved personal information that was not being properly stored. Of those, all but one were classified as having a “moderate” or “limited” impact. More than 98 percent of incidents were assessed at that level.
The system’s data hub also contained several common vulnerabilities. Those included lax administrative privileges, which could allow hackers to leverage more advanced access more quickly in the event of a breach, inconsistent application of security patches and a poorly configured administrative network.
The problem-plagued system’s ability to avoid any severe breaches is relatively remarkable in light of successful cyberattacks on other agencies over the last year. The Internal Revenue Service has reported losing at least some data on hundreds of thousands of taxpayers to hackers in the last year alone.
Related Story: http://www.washingtonexaminer.com/article/2582925
The HealthCare.gov website was established by a government contractor in 2013 and infamously experienced a host of problems at its outset, from system crashes to systemic vulnerabilities. Officials worked to resolve some of those problems after two 2014 reports assessing the system’s failures, published by the GAO and the inspector general for the Department of Health and Human Services.
The report released on Wednesday reflects a study conducted between October 2013 and March 2015.