Issa Agrees to Tierney Request to Investigate Criminal Groups Attempting to Hack HealthCare.gov

January 16, 2014
Press Release

Washington, D.C. (Jan. 16, 2014)—At a hearing today on the security of the Healthcare.gov website, Rep. John F. Tierney, Ranking Member of the Subcommittee on National Security, proposed that the Committee stop spending so much time criticizing federal officials charged with protecting the website—which has not been successfully attacked to date—and instead start investigating the criminal activities of domestic hackers, foreign entities, and others seeking to gain access to the personal information of American consumers.

As one example, Tierney highlighted press reports about organizations developing and promoting a tool called "Destroy Obamacare" that intentionally seeks to stall the website so it cannot function properly. This tool was reportedly developed by right wing groups motivated by political opposition to the Affordable Care Act to block applicants from obtaining health coverage they are entitled to under the law—activities today's witnesses called "criminal."

"I have a modest suggestion here," said Tierney. "Why don't we try to find out who's doing that? This is an oversight and investigatory committee after all. I'm talking about people who are trying to get into the system and destroy it. We ought to go after those bad guys on that basis."

He added, "I would ask that the Committee consider an investigation pursuing those who are making attempts to attack and hack this site whether it is for political animus or any other means…That seems to be the real danger here, and interfering with people's rights to have healthcare under the plan."

In response to Tierney's proposal, Committee Chairman Darrell Issa agreed to investigate these organizations and hold hearings.

"The gentleman absolutely is right. Cybersecurity is part of our core jurisdiction. Mr. Connolly and I also spoke this morning at a cloud computing conference, so that is an area of not only interest but willingness to put staff and dais time into. If I may, Mr. Cummings and I have been discussing—and I'll be brief—the fact that we need to link in as part of our Committee jurisdiction other areas of best practice flaws within federal government, but also a recognition that those things have to be rippled out to private corporations, the banking community, certainly Target's been mentioned here, but it wasn't the only commercial site hacked during this period of time, so I join with the gentleman, and you can count on there being a series of briefings and possible Committee hearings."

All of the witnesses at today's hearing confirmed that there have been no successful security attacks against the website to date. A memo issued last week by Oversight Committee Ranking Member Elijah Cummings and Energy and Commerce Committee Ranking Member Henry Waxman confirmed these findings and reported that no individual or group has succeeded to date in hacking or maliciously accessing the personally identifiable information of users.

Issues:Health CareInvestigation of Cybersecurity