KHN Morning Briefing

Summaries of health policy coverage from major news organizations.

Internet Bug Spurs Healthcare.gov To Reset Customer Passwords

USA Today: Obamacare Website Resets Passwords Over Heartbleed Bug
The Obama administration has reset the passwords of consumers who created accounts through HealthCare.gov, saying the precautionary move was necessary to protect personal information at risk through the newly discovered Heartbleed Internet bug. Those who have accounts will be prompted to create new ones the next time they visit the site, according to an announcement posted on HealthCare.gov (King, 4/19).

CNN: Heartbleed Causes HealthCare.Gov To Change Users' Passwords
The Obama administration says that although there is no immediate threat to users, all enrollees have had their password reset and now must create a new password. The threat emanates from a recently discovered online security vulnerability known as Heartbleed, which could put people's personal information at risk, from passwords and e-mails to financial information (Finnegan, 4/19).

Reuters:  Obamacare Enrollees Urged To Change Passwords Over Heartbleed Bug 
Companies from Amazon.com Inc to Google Inc. have been forced to take steps to protect against Heartbleed. ... The Heartbleed security flaw is a "catastrophic bug" believed to affect two out of every three Web servers, according to the Electronic Freedom Foundation. HealthCare.gov, a health insurance exchange for the 36 states that opted out of creating their own state insurance exchanges, was created under Obama's signature health care law, the 2010 Patient Protection and Affordable Care Act (Francescani, 4/19).

Fox News: HealthCare.Gov Users Told To Change Passwords Due To Heartbleed Risk
The full extent of the damage caused by the Heartbleed is unknown. ... The White House has said the federal government was not aware of the Heartbleed vulnerability until it was made public in a private sector cybersecurity report earlier this month. ... The Homeland Security Department has been leading the review of the government's potential vulnerabilities. The Internal Revenue Service, a widely used website with massive amounts of personal data on Americans, has already said it was not impacted by Heartbleed (4/20).

This is part of the KHN Morning Briefing, a summary of health policy coverage from major news organizations. Sign up for an email subscription.