70,000 was just one of the numbers that I was able to go up to. And I stopped after that. You know, and I’m sure it’s hundreds of thousands, if not more and it was done within about a four-minute time frame. So, it’s just wide open. You can literally just open up your browser, go to this and extract all this information without actually having to hack the website itself.
via Insecure healthcare.gov allowed hacker to access 70,000 records in 4 minutes | Computerworld Blogs.
Many top notch hackers blasted the site and the lack of any basic security. An audit found 17(!) vulnerabilies originally, and after ‘fixes’ an extra 20+
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft