Skip to main content

HealthCare.gov Breach: What Was Really Lost?

September 05, 2014

The reported breach of HealthCare.gov is just one of many breaches announced during the past few weeks. Healthcare.gov has sensitive information of millions of Americans, thus any breach in the security of the website could lead to major privacy issues. According to reports, the breach occurred on a test server with no consumer data and was not intended to be connected the internet. The default password had not been changed, which is one of the most basic mistakes a system administrator and how the server was inadvertently allowed access to the internet is of concern. 

Having been a CISO for global organizations, I understand the complexities of securing a major web site. It can be difficult to ensure the organization’s development team understands that even the breach of a test system can result in major reputational damage. The trust of consumers is in the brand name. If this almost non-event had not occurred with a trusted government website, the breach wouldn’t have been newsworthy. Of course, as the investigation into the total impact of the breach continues the circumstances may change.

It is important to keep our eyes on the big picture. There continues to be major breaches across multiple business sectors, and we need to avoid getting “security breach fatigue.”  We cannot throw in the towel and accept that major security breaches are just a way of life.  The only way to protect the corporate assets and consumer personal information is by implementing a holistic, business-aligned security strategy, understanding the true threats to the sensitive data, and staying focused on implementing the appropriate security controls. 

Related Blogs

December 05, 2017

The Risk of Cryptocurrencies

Cryptocurrencies are a libertarian ideal: a monetary system outside the control of big government. The modern digital world provides the necessary com...

See Details

August 28, 2014

Why Are Healthcare Breaches on the Rise? (Part 1)

The recent announcement of a security breach of millions of healthcare records has raised yet another alarm in the security world. Is healthcare going...

See Details

August 29, 2014

Why Are Healthcare Breaches on the Rise? (Part 2)

In my last blog post, I discussed how the visibility of electronic healthcare records (EHR), and the lucrative financial gain attackers can realize by...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

November 12, 2014

Empowering the CISO

A security-focused business culture can empower the CISO to effectively perform their job, and allow them to become a respected member of the “C” leve...

See Details

October 04, 2017

Health Check

Learn how we can proactively confirm your security controls to keep your systems current.

See Details

July 21, 2015

Data Security Solutions

Learn how we can help secure your date throughout its lifecycle.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.