Washington (CNN) - A cybersecurity scare is forcing Obamacare enrollees who used the HealthCare.gov site to sign up for an insurance plan to now change their passwords.
The Obama administration says that although there is no immediate threat to users, all enrollees have had their password reset and now must create a new password.
The threat emanates from a recently discovered online security vulnerability known as Heartbleed, which could put people's personal information at risk, from passwords and e-mails to financial information. It has forced most websites to re-evaluate and revamp their security procedures, and many have asked users to change their passwords, as well: from social media sites like Facebook and Instagram to dating site OKCupid and movie-streaming service Netflix.
"There’s no indication that Heartbleed has been used against HealthCare.gov or that any personal information has ever been at risk. However, we’re resetting current passwords out of an abundance of caution, to ensure the protection of your information," says a statement on HealthCare.gov.
The site has already reset users’ accounts. Now, when they sign in, they will be prompted to create a new, unique password. The site includes a step-by-step process on how to do so and provides a hotline for any users who experience difficulty.
The Obama administration had previously said it was "taking a hard look at widely used tools such as OpenSSL to see if there is more that the federal government needs to do - including supporting research and development," according to National Security Council spokeswoman Laura Lucas Magnuson. The message from HealthCare.gov is the first of its kind.
The federal exchanges have been a point of political contention since the site’s high-profile rollout last October was marred by disastrous flaws throughout the system. Since then, critics have charged that the site, full of personal and financial information, was a vulnerable target for hackers.
Between state and federal exchanges, 8 million Americans are now signed up for health insurance through Obamacare, President Obama announced Thursday. But the White House has not yet released how many people have fully enrolled, which requires paying their first premium.
Track them down with cyber DNA and put them behind bars !
Instead of fixing these Republican idiots are crying on Obamacare. Very pathetic. They know Greed is so huge in insurance industry, Hospital defrauding, doctors cheating, doing swan gantz for no reason.
If you like your password you can keep your password.
Bush did it!
Oh yeah, NOOOOW the rollout is a debacle.
what a joke
The government says, "no immediate threat to users"
Translation ... "you're screwed."
This program will never stand on two legs in its current form with or without the website . Its only temporary at least best . How long will it last ? We shall see ???
Wow all that money blown and they were using open source?
It might have been useful to report whether or not the site was found to be vulnerable.
Its become clear to me now the staff at Obamacare don't have a brain among them.
A smart person would have adjusted the website capacity to handle the increased visitors expected from such a press release. But what does these bozos do instead?
"We're busy making HealthCare.gov even better! Sorry you can’t get what you need right now. Please come back and visit again later."
So many ignorant comments nowadays. Technology is technology, and no one company is to blame for it. It is what it is. Get over it.
Good thing I have never logged in on that site, I knew it was bad from the start
Is this in any way going to hurt my $2500 health care rebate?
This is only the first of many security problems with this web site.
Blame the tea party.
This is really poor journalism. It is the same as "Heartbleed causes Fox News to change administrative passwords".
Both are equally true but there is the nutty unvoiced implication that there is something wrong with Obama Care because of some general bug out there that effects everyone.
This article is just about as interesting as a cigarette butt on the street.
No threat to users, but to the brain dead republicans, it's the end of the world.
Wait a minute, republicans did not even sign up for health insurance and they are complaining? This has to be the first time in our history that a password has to be changed? How dumb the wingnuts are.
Seriously, it's not clear that every site has adopted new procedures to block Heartbeed so change your passwords now and in another month. My passwords are often too similar and recently I came up with a new, simple algorithm to create different personal passwords for different sites from very obscure words based on something in my past, but I'm not going to use them for another month.
After the Kochs spent over $1 billion to encourage republicans to break the law and not sign up, are we to believe they defied the billionaires orders and signed up after all?
Here is a thought: The Koch's paid to invent this bug so that they could use it for attacks on all of us!
The dumbest tea bagger in congress, Huelscamp, who has promised to repeal ACA, said he was not sure, but he did not think the uninsured rate in Kansas dropped. Kansas refused to expand Medicaid for their voters, and refused to set up an exchange to sign up uninsured. He was not sure, but that did not stop him from spouting bagger nonsense.
Blame The Republicans For Obamacare
I blame the republicans for Obamacare. If the republicans had introduced a single payer system (the ONLY system that will allow us, as an ENTIRE nation, to negotiate better health care prices), we wouldn't have to deal with Obamacare today. But since the republicans introduced NOTHING of substance to address the health care crisis, we now have Obamacare. Blame the republicans for Obamacare. After all it was THEIR idea, supported by the Heritage Foundation, and actually implemented by Mitt Romney.
wow.... obamacare is such a disaster than even the people that jammed it down our throats are trying to claim they didn't do it and it was all somebody elses fault!! now this is their own president's supposedly signature accomplishment!! well, just when you thought the far leftist democrat lies couldn't get any worse, along comes this doozy!! only three words for this: total democrat desperation.
Do not worry. It is only financial and healthcare information. What differance does it make.