The state is paying hackers a one-time reward if they find a technical glitch, and 30 vulnerabilities have been discovered since the initiative launched March 29, according to the report.
Findings have included one hacker finding a way into the inner workings of the system and posting an announcement that had malicious code in it, according to the report. Within an hour, that hacker took over approximately 100 workers’ computers on the state network.
Another hacker discovered a bug that would have allowed for a bad actor to pull every Gateway record, including all personal information of people in the system.
The state has already paid out its full $200,000 allocated for the program, according to the report. CMS is covering 90 percent of the program costs. Payouts range from $350 for small glitches to $25,000 for major issues. Plans are in the works to add another $300,000 in reward money.
