Internet Bug Spurs Healthcare.gov To Reset Customer Passwords

USA Today: Obamacare Website Resets Passwords Over Heartbleed Bug
The Obama administration has reset the passwords of consumers who created accounts through HealthCare.gov, saying the precautionary move was necessary to protect personal information at risk through the newly discovered Heartbleed Internet bug. Those who have accounts will be prompted to create new ones the next time they visit the site, according to an announcement posted on HealthCare.gov (King, 4/19).

CNN: Heartbleed Causes HealthCare.Gov To Change Users' Passwords
The Obama administration says that although there is no immediate threat to users, all enrollees have had their password reset and now must create a new password. The threat emanates from a recently discovered online security vulnerability known as Heartbleed, which could put people's personal information at risk, from passwords and e-mails to financial information (Finnegan, 4/19).

Reuters:  Obamacare Enrollees Urged To Change Passwords Over Heartbleed Bug 
Companies from Amazon.com Inc to Google Inc. have been forced to take steps to protect against Heartbleed. ... The Heartbleed security flaw is a "catastrophic bug" believed to affect two out of every three Web servers, according to the Electronic Freedom Foundation. HealthCare.gov, a health insurance exchange for the 36 states that opted out of creating their own state insurance exchanges, was created under Obama's signature health care law, the 2010 Patient Protection and Affordable Care Act (Francescani, 4/19).

Fox News: HealthCare.Gov Users Told To Change Passwords Due To Heartbleed Risk
The full extent of the damage caused by the Heartbleed is unknown. ... The White House has said the federal government was not aware of the Heartbleed vulnerability until it was made public in a private sector cybersecurity report earlier this month. ... The Homeland Security Department has been leading the review of the government's potential vulnerabilities. The Internal Revenue Service, a widely used website with massive amounts of personal data on Americans, has already said it was not impacted by Heartbleed (4/20).

This is part of Kaiser Health News' Daily Report - a summary of health policy coverage from major news organizations. The full summary of the day's news can be found here and you can sign up for e-mail subscriptions to the Daily Report here. In addition, our staff of reporters and correspondents file original stories each day, which you can find on our home page.