Hi AppNewser readers - we're now a part of Mediabistro's SocialTimes.com. For more great App news, reviews, guides and tips, head over to InsideMobileApps.

Security Researcher Accesses Healthcare.Gov for 4 Minutes, Retrieves 70,000 Records

healthcare.govThe year’s two popular subjects, healthcare and security makes an uneasy companion, but with the State Department terminating its contract with the site’s developer’s, CGI Federal, it was only a matter of time until the security gaps started to leak from Healthcare.gov with millions of Americans signed on for national health coverage.

For security researcher, David Kennedy, CEO of TrustTec, the site’s problematic lack of security has always been a problem, and he’s able to prove it. Kennedy was able to gain access to 70,000 records in just four minutes. He could have gotten more data, but at that point, his passive reconnaissance proved what security experts have been saying all along:  You can literally just open up your browser, go to this and extract all this information without actually having to hack the website itself.

Kennedy’s disturbing testimony lays out a long road ahead for Healthcare.gov: Out of the issues identified last go around, there has been a half of a vulnerability closed out of the 17 previously disclosed and since my last appearance, other security researchers have also identified an additional 20+ exposures on the site.

Other experts have made similar warning about the type of data available to hackers:

Healthcare.gov retrieves information from numerous third-party databases belonging to the IRS, Social Security Administration, Department of Homeland Security, and other State agencies. It would be a hacker’s wet dream to break into Healthcare.gov and potentially gain access to the information stored in these databases. A breach may result in massive identity theft never seen before — these databases house information on every U.S. citizen!

So while the NSA is busily gathering 200 million text messages every day, Healthcare.Gov is an open door of personal data from every citizen.

Related Stories
Mediabistro Course

Social Media 201

Social Media 201Starting October 13Social Media 201 picks up where Social Media 101 left off, to provide you with hands-on instruction for gaining likes, followers, retweets, favorites, pins, and engagement. Social media experts will teach you how to make social media marketing work for your bottom line and achieving your business goals. Register now!