Why you must change your Healthcare.gov password?

If you’re one of the 8 million people who have signed up for Obamacare and haven’t changed your password yet, what are you waiting for? Seriously, go ahead and do it, like right now. I’ll be waiting right here. After all, it’s not like you have much of a choice either; the official federal healthcare market exchange has already reset all users’ passwords; if you haven’t logged on since before the weekend, next time you do so you will be prompted to create a new password. Just follow the steps one by one, or call their hotline if you have any problems.

This turn of events is due to something called Heartbleed, and no, it isn’t some kind of vascular hemorrhagic condition or anything of that sort. Actually, it is a security programming bug that allows hackers to steal all kinds of information from the internet with impunity, including sensitive personal and financial information, and while the Obamacare site has had its share of glitches this one actually affects most if not all of the internet, from social media websites like Facebook to streaming services like Netflix. You can get the lowdown on Heartbleed here. However, if you’re like me you will be more interested in the consequences than in the cause.

In other words, does the fact that the government is asking you to change your Healthcare.gov password mean that your information has been compromised? The answer is no, at least in good theory. Last Saturday the website displayed a message saying that there was ‘no indication that any personal information has ever been at risk’, and that the resetting of password measure is but a preemptive one. Basically what they’re trying to tell you is that it’s better safe than sorry.

As it turns out, it will certainly become a generalized measure as well, as major internet services are also advising users to change their passwords. Homeland Security has been reviewing the potential damage to all .gov sites and has already declared the IRS website to not have been impacted by the error. The Heartbleed bug has existed for at least two years, and the federal government only became aware of its existence at the same time as the general public did; similarly, they use the same popular encryption technology known as Open SSL. Hackers are also aware now if they weren’t before, and healthcare has always been a favorite target of hackers in particular and fraudsters in general, so it’s better to comply and change your password as soon as you have a chance.