Security professionals are again issuing a warning shot about the vulnerability of Healthcare.gov. Prior to testifying to Congress for the second time about the healthcare website’s security, David Kennedy — CEO of TrustedSec — wrote a blog post. In it, he provides his opinion, written testimony, and the opinions other professionals hold concerning the site’s security.
“In November of last year, I testified on the glaring security issues around Healthcare.gov, not as a hacker but someone who studies security exposures and works for some of the largest companies in the world to better their security,” Kennedy writes on the blog. “Today, nothing has changed and it’s business as usual on the healthcare.gov site.”
Kennedy acknowledges that he has never hacked Healthcare.gov. However, just as a car mechanic can spot the blatant, visible issues on a vehicle, Kennedy says his career allows him to do the same thing in regards to security exposures.