Updated: 12/12/2013 7:24 AM KSTP.com By: Leslie Dyste
5 EYEWITNESS NEWS partnered with Mark Lanterman at Computer Forensic Services to test the security of MNsure's website.
Our test revealed MNsure's site contains a vulnerability that allows hackers to intercept usernames and passwords via a Wi-Fi connection. MNIT, the state's information technology department, is responsible for MNsure's security.
For a month, MNIT told us the problem was not with the MNsure website. On Wednesday however, MNIT told us they objected to our assertion it denied there was a problem.
While MNIT says it has not been able to replicate our test, it now acknowledges it did believe it had addressed a risk following our reports. MNIT says it made tweaks to the website to improve security.
So, KSTP tested the site again and found the problem has not been fixed. MNsure is still vulnerable to the same type of attack.
Now MNIT is reaching out and asking Lanterman for help.
The request comes as state leaders are demanding MNIT acknowledge and resolve the problem.