A year-long investigation by the House Energy and Commerce Committee into information security protocols at the Department of Health and Human Services finds “serious structural flaws” that leave HHS vulnerable to cyber attacks.
“What we found is alarming and unacceptable,” said Committee Chairman Fred Upton (R-Mich.) and Oversight and Investigations Subcommittee Chairman Tim Murphy (R-Penn.), in a joint written statement. “At a time when sensitive information is held by so many in the public and private sectors, Americans should not have to worry that the U.S. government is left so vulnerable to attack. With the recent Office of Personnel Management attack serving as another example of how wrong things can go, this report pulls back the curtain and sheds light on serious deficiencies in HHS’s information security practices.”