After two months of hacking the healthcare.gov web site to make it less of a functional disaster, there can be little doubt that there has been essentially no consideration or testing of security.
The only comfort that users have is that hackers haven’t been able to get on the Obama.lies web site either. That will change.
No legitimate business would behave like this. The site needs months or years of testing to be ready to go public. The CEO would be harshly prosecuted for Obama’s behavior.