Security flaws found in three state health insurance websites

http://www.modernhealthcare.com/article/20160408/NEWS/304089997

The vulnerabilities were discovered by the Government Accountability Office, the investigative arm of Congress, and shared with state officials last September. Vermont authorities would not discuss the findings, but officials in California and Kentucky said this week that there was no evidence hackers succeeded in stealing anything.

Regulators said that given the number of weaknesses they discovered in just the three states studied, other state-run health insurance exchanges could be vulnerable, too. The GAO recommended the federal government continually monitor cybersecurity at such sites.