Officials are urging those with accounts on HealthCare.gov to reset their passwords due to the Heartbleed vulnerability. Credit: Heartbleed.com/Thinkstock As if the website didn’t have enough problems to deal with…Administrators on HealthCare.gov, the enrolment website for President Obama’s Patient Protection and Affordable Care Act – referred to by some as Obamacare, have reset user passwords after an audit determined that the servers hosting the insurance exchange were vulnerable to Heartbleed.In a notice posted to the website on Saturday, users are told that while there has been no indication of information loss, the passwords were reset out of an abundance of caution."There’s no indication that Heartbleed has been used against HealthCare.gov or that any personal information has ever been at risk. However, we’re resetting current passwords out of an abundance of caution, to ensure the protection of your information."As of Monday morning, visitors to the website and those who attempted to login over the weekend seem to be the only ones told of the changes. The official Twitter and Google+ accounts for HealthCare.gov haven’t addressed the topic. The Internet has been buzzing about Heartbleed since it was disclosed earlier this month, and HealthCare.gov is just the latest mainstream website to have been impacted by the vulnerability.The ACA website isn’t the only domain impacted though. Senior officials for the Obama administration told the Associated Press that other government websites might produce similar warnings, including Whitehouse.gov, where the We the People petitions page is hosted. In a blog post, DHS deputy undersecretary for cybersecurity and communications, Phyllis Schneck, said it will take time for the government to address the Heartbleed issue properly."As we conduct the scans of government systems and agencies conduct their own reviews, many government websites turn out to have never been vulnerable to Heartbleed because they did not use OpenSSL; in those cases, no further action is needed at this time. However, in those cases where agencies determine that a website or system could have been vulnerable to Heartbleed, they are taking the same steps as the private sector...""We will continue to focus on this issue until government agencies have mitigated the vulnerability in their systems. And we will continue to adapt our response if we learn about additional issues created by the vulnerability." Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe