Healthcare.gov's GuidewellConnect.com payment service is insecure due to expired certificate putting potentially millions at risk

I'm posting this here since nobody seems to be fixing this. I was helping someone sign up for insurance this week via the healthcare.gov website. They need to pay their first month premium by the start of the month to start getting insurance.

Healthcare.gov uses Guidewell Connect to do this. Sadly, they have an expired certificate so the SSL isn't working and as such the payment transaction isn't secure. This leaves people prone to having payment information stolen and leaves them open to intrusion.

Given the amount of money flowing through this website, it's rather insanely stupid that nobody had checked the SSL or that the link is working.

Does anyone know any of this geniuses? Any chance you can get them to do their jobs? It's hard to sign someone up for insurance on Aug 1 if you can't pay the first months premium.

I figured i'd post his here in case anyone knows these geniuses.

Error code: SSL_ERROR_UNRECOGNIZED_NAME_ALERT

Is the specific error.

submitted by /u/startupschmartup
[comments]

Healthcare.gov’s GuidewellConnect.com payment service is insecure due to expired certificate putting potentially millions at risk

Help!My husband will have surgery with out of network costs, which is in network with my plan!

The Incursion Of Profit-Enhancing Middlemen In US Health Care

Trying to decide between Blue Advantage Gold HMO and Blue Advantage Plus Gold. The only difference is the second one is a “POS”… any advice? Is POS worth it?

Snappy dressers talk scooters, mods and fashion

Is Amazon’s robotaxi company trying to sidestep federal safety laws?

USAA secures $450m of reinsurance with upsized Residential Re 2024-2 cat bond

5 cyber insurance claims: Real-world examples every business should know

Help!My husband will have surgery with out of network costs, which is in network with my plan!

More Stories

You may have missed