Obamacare Security Failure: Website Misdirects Private Information to Stranger in Another State
by John Sexton 4 Nov 2013, 9:57 AM PDT
Thomas Dougall has a warning for Obamacare website users: Your "information may not be secure."
Dougall, a South Carolina attorney whose personal information was misdirected by the Obamacare website to a stranger in another state, says "I just want my personal information removed from what is an unsecured system." His adult daughter also wants her information removed from the Obamacare site but, so far, no one from HHS has answered their requests for help.
The entire saga began over the weekend when the Heritage Foundation reported that Justin Hadley, a North Carolina man, had logged in to his Healthcare.gov account and discovered personal information for two other people, one of them was named Thomas Dougall. Local news station News 48 interviewed Dougall Saturday.
"We're told constantly that it's a secure system and it's not, obviously," Dougall told 48 News. He added, "they have no procedure whatsoever to handle security breaches." News 48 contacted HHS for comment but only got an email asking for further information.
This morning I exchanged emails with Dougall and asked him if he had heard anything more from HHS. He replied "I have not heard anything from HHS other than their reply to the local affiliate that I should use the on line chat room or the toll free number. The person on the chat line refused to accept my contact information and told me I had to contact the FTC to report the problem. I was on hold for almost an hour on the phone and gave that up."
The situation not only has Dougall wanting to remove his private information from the site, but his daughter as well. "My adult daughter wants her information removed. Somebody on the phone told her they would have somebody call her. To my knowledge nobody has returned her call."
Finally, I asked Dougall if he had any advice for others who were considering placing their information on the site. He replied "The only advice I have is that people should know up front that if they apply their information may not be secure."
Dougall reitirated to me a concern he had expressed in his News 48 interview. The person who received his information wasn't doing anything wrong, but "what is going to happen when real hackers start attacking the system?"