GAO Created Fake Enrollees to TEST Obamacare Security… Government Approved Them ALL! Here’s What This Sting Operation Reveals About Massive Fraud!
THE STING OPERATION THAT EXPOSED EVERYTHING
The Government Accountability Office just released a report that should make every taxpayer absolutely furious. But here’s what you need to understand first: GAO is actually the good guys here. They’re the government watchdog agency that tests other government programs to find problems before criminals can exploit them.
So what did they do? They created completely fictitious people and applied for Obamacare subsidies to see if the system could catch the fraud. The results are damning: it couldn’t catch anything.
This wasn’t some elaborate, sophisticated scheme. GAO just made up fake applicants and submitted them through the normal Healthcare.gov website that millions of Americans use. And nearly every single fake person got approved and started receiving thousands of dollars in taxpayer-funded subsidies.
Let that sink in for a moment. The government’s own watchdog agency proved that anyone with basic knowledge of the system can create fake identities and steal healthcare subsidies. If the good guys testing the system can do it this easily, imagine what organized criminals are actually doing right now.
WHAT HAPPENED WHEN GAO CREATED FAKE PEOPLE
In October 2024, GAO created four completely fictitious applicants for the 2024 plan year. These weren’t real people. They were made-up identities with fabricated information. GAO submitted their applications through the federal Marketplace just like any legitimate applicant would.
The result? All four fake people were approved for subsidized coverage. The government started paying insurance companies $2,350 per month in November and December for these people who literally don’t exist. That’s $4,700 in just two months for absolute ghost enrollees.
But here’s where it gets even more outrageous. The federal Marketplace actually requested documentation to verify these fake people. They asked for Social Security numbers, citizenship proof, and income verification. This is supposed to be the fraud prevention working, right? The system catches suspicious applications and asks for proof.
GAO didn’t provide any documentation. Nothing. Zero. Complete radio silence when asked to verify.
And you know what happened? They got coverage anyway. The government just approved the subsidies despite receiving absolutely no verification documents.
For the 2025 plan year, GAO expanded their test. They created twenty fictitious applicants. As of September 2025, eighteen of these completely fake people are still actively enrolled and receiving subsidized coverage. The government is paying over $10,000 per month in subsidies for these non-existent enrollees. That works out to more than $120,000 annually in taxpayer money going to people who literally don’t exist.
THIS ISN’T THE FIRST TIME
Here’s what makes this even more infuriating: GAO has been running these same tests since 2014. That’s right, over ten years ago they created fake enrollees and got them approved. They reported their findings in 2016. They recommended fixes. They told the government exactly how criminals could exploit the system.
And nothing changed. Absolutely nothing.
When GAO came back in 2024 and 2025 to test again, they found the exact same vulnerabilities. The same weaknesses. The same failures. A full decade later, after being explicitly warned about these problems, the system still can’t detect fake enrollees.
This proves something crucial: if government investigators can easily create fake people and get subsidies with minimal effort, criminals are absolutely doing the same thing on a massive scale. GAO is demonstrating the vulnerability. They’re the white hat hackers showing everyone how broken the security is. The black hat hackers are actually exploiting it for profit.
THE REAL FRAUD: $21 BILLION MISSING
Now here’s where we need to separate GAO’s test from the actual fraud happening in the real world. The fake people GAO created represent maybe $150,000 in fraudulent subsidies as part of their investigation. That’s the test. The real scandal is what GAO found when they analyzed the actual Obamacare enrollment data.
They discovered over $21 billion in subsidies that were paid out in 2023 and never reconciled through tax filings. Twenty-one billion dollars. Let me explain what that means because it’s critical to understanding the scope of this fraud.
Obamacare subsidies work on an advance system. You apply for insurance and estimate your income. Based on that estimate, the government pays subsidies directly to insurance companies on your behalf to reduce your premiums. But here’s the catch: at tax time, you’re supposed to reconcile those subsidies against your actual income. If you earned more than you estimated, you pay back the excess subsidy. If you earned less, you get additional credit.
This reconciliation process is supposed to ensure that subsidies only go to people who are actually eligible and in the right amounts. It’s the fraud check that happens after the fact.
But GAO found that over $21 billion in subsidies were never reconciled. That means whoever received these subsidies never filed taxes to verify they were actually eligible. They just took the money and disappeared. No reconciliation. No verification. No accountability.
Now, the Centers for Medicare and Medicaid Services will tell you that unreconciled subsidies don’t necessarily represent fraud. Maybe people were eligible but just didn’t file taxes for some reason. But come on. We’re talking about $21 billion. Even if half of it is legitimate people who somehow forgot to file taxes, that’s still $10 billion in likely fraud. And realistically, when someone receives government subsidies and then never files the required tax forms to verify eligibility, that’s a massive red flag for fraud.
This represents real criminals doing exactly what GAO demonstrated was possible. Fake enrollees getting subsidies. People lying about income and never reconciling. Dead people still enrolled because nobody checks. Identity theft victims whose Social Security numbers are being used to fraudulently enroll in coverage. All of it flowing through a system that GAO just proved has basically zero effective fraud controls.
68,000 SOCIAL SECURITY NUMBERS USED FRAUDULENTLY
GAO didn’t stop at creating fake people. They also analyzed the real enrollment data to look for patterns of fraud. What they found should terrify anyone who cares about identity theft and government waste.
In plan year 2024 alone, nearly 68,000 Social Security numbers were used to receive more than one year’s worth of insurance coverage in a single year. Think about what that means. Someone is using the same Social Security number to enroll multiple times, receiving multiple subsidies for what should be one person.
Here’s an example of how this works. John Smith enrolls in January using his legitimate Social Security number. Then in March, someone else enrolls using John’s stolen SSN. In June, yet another person enrolls with the same SSN. All three enrollments get approved. The government is now paying subsidies three times for a single Social Security number. That’s triple-paying for the same person.
Now, you might think the system would catch this immediately. Surely when a second enrollment comes in with the same SSN, the computer flags it and rejects it, right? Wrong.
CMS actually defends this practice. Their explanation is that they don’t prohibit multiple enrollments per Social Security number because they want to ensure the actual SSN holder can enroll even if there’s identity theft or data entry errors. Let me translate that excuse into plain English: “We know this enables massive fraud, but we’re too lazy to build a system that can handle edge cases properly, so we just allow everyone to enroll multiple times.”
There are legitimate ways to handle identity theft situations without allowing unlimited duplicate enrollments. You could flag the duplicate, investigate it, verify the real person’s identity, cancel the fraudulent enrollment, and then allow the legitimate enrollment. But that would require actual work and competent system design. Instead, CMS just shrugs and allows the fraud to continue because fixing it properly would be hard.
In plan year 2023, they found over 29,000 Social Security numbers with this same problem. The number nearly tripled to 68,000 in 2024. The fraud is accelerating, not decreasing.
160,000 UNAUTHORIZED ENROLLMENT CHANGES
There’s another type of fraud happening that doesn’t involve fake people at all, but it’s devastating to real Americans. GAO found at least 160,000 applications in plan year 2024 that had likely unauthorized changes made by insurance agents or brokers.
Here’s how this scam works. You enroll in a health insurance plan through an agent. Everything seems fine. But then that agent or a different agent goes into the system and changes your enrollment without your permission. They switch you to a different insurance company. Why? Because they get a commission for the new enrollment.
You might not even notice right away. But then you go to pick up your medication and discover it’s not covered anymore because you’re on a different plan. Or you try to see your doctor and find out they’re not in your network anymore. Your insurance has been changed without your knowledge or consent, and you’re suffering real harm because some agent wanted to make a quick commission.
GAO found 30,000 of these cases in 2023. By 2024, it had exploded to 160,000. That’s over a fivefold increase in a single year. This is organized fraud at scale, and it continued unchecked for years.
To CMS’s minimal credit, they finally implemented a new control in July 2024 to try to prevent these unauthorized changes. But think about the timeline here. This fraud has been happening for years. Hundreds of thousands of people have been harmed. And it took until July 2024 to implement a fix? That’s government efficiency for you.
And here’s the kicker: that control only addresses this one specific type of fraud. It doesn’t stop the fake enrollees. It doesn’t prevent the Social Security number misuse. It doesn’t reconcile the $21 billion. It’s one small band-aid on a system hemorrhaging from multiple massive wounds.
WHY THE SYSTEM KEEPS FAILING
GAO didn’t just identify the fraud. They also identified why it keeps happening. The answer is almost comically bureaucratic in its incompetence.
CMS hasn’t updated its fraud risk assessment since 2018. Let me repeat that: 2018. We’re now in 2025. The program has changed dramatically in those seven years. New risks have emerged. The enrollment process has evolved. Technology has advanced. Criminals have developed new tactics. And CMS is still operating based on a fraud assessment from seven years ago.
But it gets worse. Even that 2018 assessment wasn’t particularly good. GAO found that it didn’t fully align with leading practices for fraud risk management. It didn’t properly identify inherent fraud risks. And most damning of all, CMS never used the 2018 assessment to actually develop an anti-fraud strategy.
Let that sink in. They did a fraud risk assessment in 2018. Found problems. And then never actually created a strategy to address those problems. The assessment just sat on a shelf somewhere collecting dust while billions of dollars in fraud continued unabated.
This is textbook government incompetence. GAO has been warning them about these exact vulnerabilities since 2014. A full decade of warnings. Detailed reports showing exactly how the fraud works and how to fix it. Recommendations that were specific and actionable.
And CMS just… didn’t do it. They didn’t update their systems. They didn’t implement the recommended controls. They didn’t build a comprehensive anti-fraud strategy. They just kept processing applications and paying out subsidies while fraud ran rampant.
WHAT THIS MEANS FOR YOU
Every single dollar of fraudulent subsidies comes directly from your taxes. That $21 billion in unreconciled subsidies? Your money. The $120,000 annually going to GAO’s fake enrollees? Your money. The double and triple payments from the 68,000 misused Social Security numbers? Your money. The commissions paid to fraudulent agents making unauthorized changes? Ultimately funded by your taxes.
When government programs are this broken, when fraud controls are this weak, when accountability is this absent, you pay the price. Not the bureaucrats who failed to fix the system. Not the politicians who defend the broken program. You. The taxpayer who works hard and follows the rules gets to fund the fraud committed by criminals who exploit broken government systems.
And it’s not just healthcare. If the fraud controls are this catastrophically bad for Obamacare subsidies, what does that tell you about other government programs? Medicare fraud is estimated at $60 billion annually. Medicaid fraud is around $80 billion annually. COVID unemployment fraud hit $163 billion. Student loans, Social Security disability, housing assistance—all of these programs have significant fraud problems.
The pattern is always the same. Weak controls. No accountability. Fraud running wild. Taxpayers footing the bill. Bureaucrats promising to “look into it” while nothing actually changes.
THE POLITICAL REALITY NOBODY WANTS TO ADMIT
Conservatives have been arguing for years that government-run healthcare would be wasteful, fraudulent, and unaccountable. That Obamacare was fundamentally broken. That bureaucrats couldn’t be trusted to manage massive healthcare programs efficiently. That taxpayer money would be stolen on a massive scale.
GAO just proved every single one of those arguments correct with hard data.
The Affordable Care Act costs taxpayers over $50 billion annually in premium subsidies alone. That’s before you count the unknown billions in fraud—though we now know it’s at least $21 billion unreconciled in a single year. Add in administrative costs, compliance costs for businesses, and all the other hidden expenses, and the price tag is staggering.
And for what? A system so broken that government investigators can create fake people and get them enrolled with minimal effort. A system that can’t prevent the same Social Security number from being used 68,000 times in fraudulent enrollments. A system that allows insurance agents to make 160,000 unauthorized changes to people’s coverage. A system that has $21 billion in subsidies floating around with no verification that the recipients were actually eligible.
You know what’s really telling? This story is barely making headlines. Mainstream media is largely ignoring it. A few buried mentions here and there, but nothing like the coverage this deserves. Why? Because it’s embarrassing to Obamacare, which was President Obama’s signature achievement. Because it undermines the Democrat narrative that government healthcare works. Because it proves conservative criticism was right all along. The media protects Democrats from stories like this.
If this were a Trump administration program with $21 billion in fraud, it would be 24/7 coverage. CNN would have special graphics. MSNBC would have panels discussing it every hour. The New York Times would have front-page exposés. But because it’s Obamacare, because it’s a Democrat sacred cow, the story gets buried.
WHAT SHOULD HAPPEN (BUT WON’T)
If we lived in a functional government with real accountability, here’s what would happen immediately. CMS would suspend new enrollments until the fraud controls are actually fixed. Not promises to fix them eventually. Not committees to study the problem. Actually fix the verification systems, implement real identity checks, close the loopholes, and then reopen enrollments once the system is secure.
They would aggressively investigate and prosecute the $21 billion in unreconciled subsidies. Track down every single case. Demand tax filings or repayment. Prosecute those who defrauded the system. Make examples of the fraudsters to deter future fraud. Actually recover taxpayer money instead of just writing it off.
The leadership at CMS would be fired. They’ve known about these problems since GAO first reported them in 2016. They haven’t fixed them. They haven’t even updated their fraud risk assessment in seven years. They don’t have an anti-fraud strategy despite being warned repeatedly. This is dereliction of duty, and people should lose their jobs over it.
The system would require real verification before approval. Not just requesting documents that applicants can ignore. Actual identity checks before enrollment is approved. Cross-referencing with IRS data to verify income. Checking Social Security numbers against Social Security Administration records. Flagging duplicate enrollments and investigating them before approval. Blocking enrollment until verification is complete.
And they would reconcile that $21 billion. Every dollar. Track down everyone who received subsidies and never filed taxes. Demand compliance or repayment. Prosecute fraud. Recover what can be recovered. Show taxpayers that their money is being protected.
But you know what’s actually going to happen? Nothing. Absolutely nothing.
CMS will issue some bland statement promising to review the findings. GAO will issue another report in a few years finding the exact same problems. The fraud will continue. Taxpayers will keep paying. No one will be held accountable. The media will continue ignoring it. Democrats will continue defending Obamacare as a great success. Republicans will complain but won’t have the votes to fix it. And the cycle will continue forever.
THE BIGGER PICTURE
This GAO report is a perfect snapshot of why Americans have lost faith in government. The system is broken. Everyone knows it’s broken. The government’s own watchdog agency proves it’s broken with detailed reports showing exactly how and why it’s broken. And then nothing changes.
Bureaucrats face no consequences for failure. Programs continue operating despite massive fraud. Taxpayer money gets stolen by the billions. And the people responsible just shrug and promise to “look into it” while continuing to do the exact same thing that allowed the fraud in the first place.
The GAO investigators did their jobs. They found the problems. They documented the fraud. They showed how criminals are exploiting the system. They made specific recommendations. They did everything right.
But doing the right thing doesn’t matter when the people with the power to fix the problems simply choose not to. When bureaucrats prioritize protecting their programs and their careers over protecting taxpayers. When politicians care more about defending their party’s signature legislation than addressing massive fraud.
This is government healthcare in action. Wasteful. Fraudulent. Unaccountable. Broken. Expensive for taxpayers who follow the rules and profitable for criminals who don’t.
Conservatives warned this would happen. They said government can’t run healthcare efficiently. They said fraud would be inevitable. They said taxpayer money would get stolen. They said bureaucrats wouldn’t be held accountable. They said the system was fundamentally broken.
GAO just proved them right with $21 billion worth of evidence.
Do YOU think $21 billion in unreconciled subsidies represents fraud? Should heads roll at CMS for allowing this to continue for over a decade? Can you trust government to run healthcare when they can’t even stop fake people from getting coverage? The evidence is clear: government healthcare is broken, and your tax dollars are being stolen while bureaucrats do nothing to stop it.
Full report here: https://www.gao.gov/products/gao-26-108742
Michael (Mike) Davis is an experienced writer and freelance stylist specializing in men's grooming, skincare, hairstyles, and fashion.
With over 5 years of industry experience, he has a deep understanding of men's skin types, hair textures, and fashion preferences. Mike's passion for staying up-to-date on the latest trends and techniques is evident in his writing, which has been featured in popular publications.
He takes pride in providing practical advice to his clients and readers.