On Tuesday's CBS This Morning, Jan Crawford zeroed in on the "several flaws" with HealthCare.gov that "could expose your personal information" to hackers, contrary to the Obama administration's claims that "information is protected by stringent security standards", as White House Press Secretary Jay Carney put it at an October 31, 2013 briefing.
Crawford spotlighted a South Carolina resident whose personal information was jeopardized by a faulty software code, and pointed out how easily a consumer's password could be reset with authorization: [MP3 audio available here; video below the jump]
JAN CRAWFORD: Software experts tell CBS News they have identified multiple security issues, including with user names and passwords. We gave one technology expert the real HealthCare.gov user name of a CBS employee. Within seconds, he identified the specific security question she selected to reset her password.
Anchor Charlie Rose recapped correspondent Sharyl Attkisson's scoop about the ObamaCare website from Monday's CBS Evening News – that "a CBS News analysis finds key tests to ensure the security and privacy of customer information fell behind schedule. A deadline for final security plans was delayed three times over the summer, and final top-to-bottom security tests never got done before the launch."
Crawford then led by noting that "technology experts are telling us that was just not enough testing on the security of the website before it went live, and they've shared with CBS News several flaws that could expose your personal information." She continued by playing the soundbite of Carney's claim, and countered with the eyebrow-raising experience of attorney Thomas Dougall: "Dougall and his wife signed up on the website in October – but...got a disturbing call – a man in North Carolina, who also registered – and was shocked to get the Dougalls' eligibility letters, including their names and home address."
Later in the segment, the CBS journalist underlined the password security risk by playing a clip from the former assistant director of the Cyber Division of the FBI, who warned that "if somebody's got the ability to look at the source code and be able to reverse engineer that and identify what somebody's personal questions are, that should be of concern".
Back on the October 18, 2013 edition of CBS This Morning, Crawford highlighted how "the problems [with HealthCare.gov] go beyond the enrollment process. Most troubling...insurance companies report receiving duplicate sign-up...and records of people enrolling, un-enrolling, and then, re-enrolling. Those forms contain highly personal information."
[Update, Tuesday, 1:34 pm Eastern: the full transcript of Jan Crawford's report from Tuesday's CBS This Morning is available on MRC.org.]