The good news is no data was taken. The bad news is that a HealthCare.gov server was hacked because of major lapses in security — calling into question the state of the hundreds of other servers that comprise the website. The New York Times reported the incident, which involved malware installed on a test server. That malware was intended to launch denial-of-service attacks that bombard other websites with traffic and knock them offline. Most security experts say such attacks are a nuisance but don't bring a huge amount of risk in terms of data theft. But how did it happen? The Centers for Medicare and Medicaid Services pointed to lapses in security, from connecting the test server to the Internet — which was never intended — to failing to change the original password assigned by the hardware manufacturer.
Trending:
Healthcare.gov breach could be a sign of bigger security issues