Cyber security experts warn against risks on healthcare.gov website
Updated: Thursday, December 5 2013, 10:49 AM CST
Despite hundreds of repairs to healthcare.gov --- a cyber security expert is still warning people to stay away from using it.
He says security flaws have still not been fixed.
How is it possible that healthcare.gov can present more of a security risk to peoples' private information now?
That, after all the marathon hours spent repairing bugs, glitches and poor engineering over the past six weeks.
"Basically just started poking and prodding a little bit, looking at the security and we found out it was pretty bad all around."
That's David Kennedy, the head of an online security firm appearing earlier this week on CNBC
None of it comes as surprise to insurance broker Ed Kafes who from the start had been leery of security lapses.
"I tell em there are three reasons to go to the website. Reason one is to sign up for Medicaid, reason two is get a subsidy, reason three is to get your identity stolen."
All of Kafes' clients signing up for healthcare on line sign legal papers promising not to hold him liable for identity theft.
"But its not just healthcare.gov -- security expert Kennedy says the state's health care exchanges are not immune from hackers trying to pry into personal information."
"So when you visit the website it actually tries to hack your computer back all the way to being able to extract email addresses, user names, first name, last name, locations."
Former New York City mayor Rudy Giulani says he's constantly hearing about growing fears over putting sensitive data on unproven websites.
"People are very afraid to have their health care record basically online because of the hacking problems. So, this has done a lot of damage, not just the obvious."
The White House does not speak publicly about the ongoing security issues --instead it touts the benefits of the Affordable Care Act at every opportunity.
"The Affordable Care Act is not about a website. The website is a means to an end and the end is the provision of quality of health insurance to millions of Americans."
Kennedy estimates it would take months to well over a year to resolve all security lapses -- suggesting it would be easier to scrap healthcare.gov and start all over again.