News Headlines Article

Exclusive: Password-Reset Security Glitch Fixed on HealthCare.gov
TIME Online Edition

A security flaw in the original design of HealthCare.gov that could have disclosed e-mail and other account information to hackers was eliminated Monday during an overnight fix, a Center for Medicare and Medicaid Services spokesman has told TIME.

“We are eliminating this theoretical vulnerability by preventing users from seeing the specific reset functionality when trying to reset their password,” said Brian Cook, who works for the agency that oversees the troubled website portal for federal health-insurance exchanges.

Commands