A cyber security expert claims he could gain access to 70,000 personal records of ObamaCare enrollees in about 4 minutes.
David Kennedy, CEO of TrustedSec, told Fox News Sunday the information can be obtained without even hacking.
“There’s a technique we call passive reconnaissance which allows us to query and look at how the website operates and performs,” Kennedy said. “These type of attacks that I’m mentioning here, in the 70,000 that you’re referencing, is very easy to do, it’s a rudimentary type attack that doesn’t actually attack the website itself – it extracts information from it without actually having to go into the system.”
“Think of it this way, think of something where you have a car and the car doors are open and the windows are open and you can see inside of it, that’s basically what they allow you to do and there’s no real sophistication level here – it’s just really wide open.”
“And 70,000 was just one of the numbers that I was able to go up to and I stopped after that,” Kennedy continued. “You know, I’m sure it’s hundreds of thousands – if not more – and it was done within about a 4 minute timeframe.”
Kennedy has testified before congressional committees twice about what he sees as security concerns regarding the HealthCare.gov website.
See more at: CNS NEWS