Heartbleed causes HealthCare.gov to change users' passwords
April 19th, 2014
02:05 PM ET
5 years ago

Heartbleed causes HealthCare.gov to change users' passwords

Washington (CNN) - A cybersecurity scare is forcing Obamacare enrollees who used the HealthCare.gov site to sign up for an insurance plan to now change their passwords.

The Obama administration says that although there is no immediate threat to users, all enrollees have had their password reset and now must create a new password.

The threat emanates from a recently discovered online security vulnerability known as Heartbleed, which could put people's personal information at risk, from passwords and e-mails to financial information. It has forced most websites to re-evaluate and revamp their security procedures, and many have asked users to change their passwords, as well: from social media sites like Facebook and Instagram to dating site OKCupid and movie-streaming service Netflix.

"There’s no indication that Heartbleed has been used against HealthCare.gov or that any personal information has ever been at risk. However, we’re resetting current passwords out of an abundance of caution, to ensure the protection of your information," says a statement on HealthCare.gov.

The site has already reset users’ accounts. Now, when they sign in, they will be prompted to create a new, unique password. The site includes a step-by-step process on how to do so and provides a hotline for any users who experience difficulty.

The Obama administration had previously said it was "taking a hard look at widely used tools such as OpenSSL to see if there is more that the federal government needs to do - including supporting research and development," according to National Security Council spokeswoman Laura Lucas Magnuson. The message from HealthCare.gov is the first of its kind.

The federal exchanges have been a point of political contention since the site’s high-profile rollout last October was marred by disastrous flaws throughout the system. Since then, critics have charged that the site, full of personal and financial information, was a vulnerable target for hackers.

Between state and federal exchanges, 8 million Americans are now signed up for health insurance through Obamacare, President Obama announced Thursday. But the White House has not yet released how many people have fully enrolled, which requires paying their first premium.


Filed under: cybersecurity • Obamacare
soundoff (51 Responses)
  1. ProudAmerican

    Its time for Americans to recognize how corrupt the right has become.
    They have created a mythical history that combines the fairy tales from religion to
    outright lies about The US's founding. They are a cancer against this nation and
    must be defeated at every turn, every election, every idea before they destroy this country and the world!

    April 19, 2014 05:20 pm at 5:20 pm |
  2. Anonymous

    Does this Tampon Timmie guy live on this site? Hey buddy, get a life will you?!! Unless you are getting paid to post your nonsense, you might want to actually do something productive with your time because the tripe you post on this board ads nothing to the discourse.

    April 19, 2014 05:20 pm at 5:20 pm |
  3. disgustedvet

    Obamacare is dangerous to your health, both physically and financially .

    April 19, 2014 05:23 pm at 5:23 pm |
  4. don in albuquerque

    Chris-E

    Just amazing how your posts can go from challenged and scattered, to well (better anyway) written. The only other person that plays this hiding game so visibly is Gunderson. Could it be????????????

    April 19, 2014 05:41 pm at 5:41 pm |
  5. don in albuquerque

    Track down who it is and then after making their families so very proud of them by putting their pictures on the evening news-–BBB (Butts Behind Bars).

    April 19, 2014 05:45 pm at 5:45 pm |
  6. LHH

    Gurgyl Just for the record the insurance industry, AMA, AOA, Pharmaceuticals were very supportive of the ACA. In my opinion that is because they know that the ACA will throw more money into the system. Patients who hospitals and doctors treated for free in the past now the providers will get paid. Pharmaceutical will have a wider group of clients who have prescription plans so they will do better. Of course no one has waste and fraud as much as a government program (think medicare, medicaid). So I certainly agree with the second part of your statement, President Obama and the senate and house democrats basically increased the amount of money available to doctors, hospitals, pharmaceutical companies. This is basically welfare for the medical complex. As far as republicans are concerned as you remember the democrats in the senate had a filibuster proof majority and the democrats controlled the house. Pres. Obama did not want to compromise or discuss the ACA with the republicans. The house has passed multiple bills to change the ACA (for instance they voted to delay the mandate for a year) and Reid never let the senate even consider it. The ACA was set up by the democrats and to date they have not wanted any input from republicans except for them to shut up and not argue about the ACA. Not a very good approach to compromise is it.

    April 19, 2014 05:57 pm at 5:57 pm |
  7. G_Edwards

    The bug was identified OVER A WEEK AGO! Well done again, Obama Administration.

    .

    April 19, 2014 06:04 pm at 6:04 pm |
  8. don in albuquerque

    Quick get Derwood Issa on the phone. This calls for at the very least a five million dollar investigation hearing to find out absolutely nothing.

    April 19, 2014 06:08 pm at 6:08 pm |
  9. CanThinkForMyself

    I am not generally not in favor of gov't intervention, but when it comes to health care, I think it might actually be needed. The fact that we, the taxpayers, pay for those who don't have insurance is my motivation. I think of it this way: businesses provide affordable healthcare because of being a large group. For those who are not employed to the point they have health insurance, should they not have the same advantage? I'm not sure the ACA doesn't need some revisions and clarifications, but it's the best plan for uninsured I've seen so far.

    April 19, 2014 06:29 pm at 6:29 pm |
  10. D jones

    Richard Nixon tried when he was president to introduce a Federal Medical Insurance program and the Democrats wanted nothing to do with it. These program ideas go way back.

    April 19, 2014 07:19 pm at 7:19 pm |
  11. Lizzie

    Blame The Republicans or Obamacre, great, as you may remember republicans where shut out of ALL negotiations on this 2000 plus pages of Obamacare, of which 2000 pages have NOTHING to do with healthcare. Don't worry Obamacare was never suppose to work you WILL get your wish with a single payer system.

    April 19, 2014 07:23 pm at 7:23 pm |
  12. ObamaIsMyHero

    No worry's, Barry said it is safe. What could possibly happen if someone got your name, address, social security number, etc?

    I hear that Obama will put in some security, after the Employer Mandate goes in, if he is able to use his pen to change the rules and get a third term as dictator.

    He is a very competent man. He hired the best.

    April 19, 2014 07:27 pm at 7:27 pm |
  13. Lizzie

    Gurgyl
    Instead of fixing these Republican idiots are crying on Obamacare. Very pathetic. They know Greed is so huge in insurance industry, Hospital defrauding, doctors cheating, doing swan gantz for no reason.
    - was it not President Obama who congratulated the insurance company for being on board with Obamacare, did he not have doctors in white coats at the WH thanking them for supporting Obamacare. You like to blame everyone and everything, typical Democrat minion.

    April 19, 2014 07:28 pm at 7:28 pm |
  14. ObamaIsMyHero

    Obama just said: 'This thing is working!', what he didn't realize was the hackers fixed it, so they could get more Soc. Sec. Numbers.

    April 19, 2014 07:28 pm at 7:28 pm |
  15. java2

    The Koch Brothers are attacking the ACA again after paid hacks sabotaged the opening in Oct.

    April 19, 2014 07:29 pm at 7:29 pm |
  16. NamejJK. SFL. vOTE THE GOP ANTI-HEALTHCARE PARTY OUT iN NOVEMBER

    Yes , I know the GOP TROLLS had something to do with it !!!!!

    April 19, 2014 07:32 pm at 7:32 pm |
  17. Fritz Hohenheim

    Hey US Government! If you have nothing to hide, you have nothing to fear!

    April 19, 2014 07:58 pm at 7:58 pm |
  18. Jeff

    Blame Obamacare for Heartbleed? What next?

    April 19, 2014 08:36 pm at 8:36 pm |
  19. Robert

    Since nobody on here can make an intelligent comment...I will not be the first. So instead, here is my own trolling:

    Young people who signed up are use to changing passwords and will not care. Old people who signed up probably already forgot their passwords anyway.

    April 19, 2014 08:50 pm at 8:50 pm |
  20. opinion8it

    How is this relevant when people are no longer allowed to enroll?..... this is s dead issue.

    April 19, 2014 09:00 pm at 9:00 pm |
  21. bob

    Did you sign up for the ponzi? If so being taken is part of it.

    April 19, 2014 09:12 pm at 9:12 pm |
  22. RWB1956

    I read about this yesterday and was just waiting to see the negative comments and conspiracy theories to start. That was fast.

    April 19, 2014 09:30 pm at 9:30 pm |
  23. bcrunner

    Every time there is any kind of news that is related to the Affordable Care Act, it gives the right wing nuts some kind of an excuse to bash the ACA. It does not matter that this virus has affected other businesses as well.. and others are taking the same measures. Our IT group at work is doing the same thing. Some of our clients have been asked to do the same... change their passwords when they log onto our site...

    April 20, 2014 10:36 am at 10:36 am |
  24. don in albuquerque

    Jeff

    Little Bighorn was his fault too.

    April 20, 2014 11:08 am at 11:08 am |
  25. Bessy

    I think a little reading on " heartbleed " is in order for some of you people. Problems with this bug have existed for 2 years. Changing passwords is a minor thing to have to do. If you can own a computer than you should be able to change your passwords. They should be changed frequently in the best of times.
    Now tell me what Obamacare has to do with this bug. (?) Some of you people are like sheep.

    Anyway, Happy Easter to all who celebrate the holiday. Try to relax and enjoy the day.

    April 20, 2014 11:16 am at 11:16 am |
1 2 3