It begins: First Obamacare security breach leaks 2,400 Americans’ info

Mary Katherine Ham:

Beyond the glitches.

An employee of Minnesota’s Obamacare exchange, MNsure, sent an unencrypted file to the wrong person and left 2,400 people’s private information at the mercy of a nearby insurance agent.

One exchange staffer’s simple mistake gave insurance broker Jim Koester access to an Excel document of Social Security numbers, names, addresses and other personal data for whole a list of insurance agents. Luckily for the 2,400, Koester was cooperative — and unnerved.

“The more I thought about it, the more troubled I was,” Koester told the Minnesota Star Tribune. “What if this had fallen into the wrong hands? It’s scary. If this is happening now, how can clients of MNsure be confident their data is safe?”

We’ve written about the possibility of fraud, but as with all government endeavors, incompetence and carelessness are at least equal threats. I’ll be damned if I’d put my Social Security number into one of these untested databases today, so it can be handed off to a random navigator without a background check, printed off and left in a public library printer tray, or leaked to a local insurance agent. This is dangerous stuff, and it will happen over and over again.

I tried my hand at the Maryland Healthcare Connection today, and after three hours of waiting, could not load more than one screen in the process. I tried Maryland’s site in an attempt to be charitable to Obamacare and offset my own bias somewhat. Maryland has been proactive about exchange development, started on Day One after the law passed, is a small state with a frightening ratio of health care bureaucrats to citizens, and should have been one of the most prepared states to launch an exchange. The exchange’s opening was pushed from midnight to 8 a.m. to noon, at which point they put up this considerate message:

Message from Md: We want to make the experience as pleasant as possible so we're not letting people use the website pic.twitter.com/FKCUE3waOK

— Charlie Spiering (@charliespiering) October 1, 2013

That’s sort of the pitch from Congressional Republicans. We want to make Obamacare as pleasant an experience for the American people as possible by giving them the option to not experience it at all.

Many Obamacare supporters emphasized that the “giltches” in exchanges today are no biggie. They’ll be ironed out quickly, they’re a “great problem to have,” they’re only happening because so very many people want to sign up. Debatable. As I’ve written before, those who crafted the bill had no concept of how complicated what they were proposing would be to build. Today, Jay Carney revealed the depth of that ignorance when he answered questions about system, database, and server capacity problems with Obamacare today by saying, “I’m not an expert in web design.” Federal regulators, at the behest of Obama administration officials, delayed filling in the blanks left by ignorant lawmakers, further slowing the preparation process. Maryland, which was anxious to do all it could, was often running ahead of the feds, waiting for vital pieces of regulatory information. The Obama administration did this because revealing the true effects of this unpopular law before Obama won reelection would have made it harder for Obama to win reelection. They had years to get these sites ready, so anyone who tells you we’re judging them too harshly one day in is about three and a half years off. The attempt to blame Republicans for alleged “sabotage” is undermined by the fact that thoroughly blue states like Maryland and Oregon and New York, which had drunk gallons of Obamacare Kool-Aid (and maybe a little something extra) are among the IT meltdowns today.

Read more