Heartbleed Means HealthCare.gov Users Must Reset Passwords

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2014/04/heartbleed-means-healthcaregov-users-must-reset-passwords/82852/

By Aliya Sternstein
Nextgov.com
April 19, 2014

Federal officials are telling Obamacare website account holders to reset 
their passwords, following revelations of a bug that could allow hackers 
to steal data.

Officials earlier in the month said the government's main public sites, 
including HealthCare.gov, were safe from the risks surrounding Heartbleed 
-- faulty code recently found in a widely-used encryption tool.

But, this weekend, the online marketplace's homepage directs users to 
change their login information.

"While there’s no indication that any personal information has ever been 
at risk, we have taken steps to address Heartbleed issues and reset 
consumers’ passwords out of an abundance of caution," HealthCare.gov 
states.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/