Personal details of US politicians compromised in breach, FBI

DC Health Link data breach: Personal details of US House members, staff compromised

Image:

DC Health Link data breach: Personal details of US House members, staff compromised

Hacker claims some of the data has already been sold

Several members of the US Congress may have had their personal identifiable information (PII) compromised due to a cyberattack on DC Health Link, the online health insurance marketplace of the District of Columbia.

The data breach was disclosed earlier this week, with DC Health Link stating that the FBI had informed them that some of the leaked information was available for purchase on the dark web.

DC Health Link is the organisation responsible for managing the healthcare plans of the US House of Representitives members, their staff and their families.

The House Chief Administrative Officer, Catherine L. Szpindor, sent an internal memo to staff members on Monday, notifying them of a "significant data breach," which potentially exposed sensitive personal details of thousands of employees.

"As a member or employee eligible for health insurance through the DC Health Link, your data may have been comprised," Szpindor said.

"Currently, I do not know the size and scope of the breach, but have been informed by the Federal Bureau of Investigation (FBI) that account information and PII of hundreds of members and house staff were stolen.

"It is important to note that at this time, it does not appear that members or the House of Representatives were the specific target of the attack."

On Wednesday, House Speaker Kevin McCarthy and Minority Leader Hakeem Jeffries also sent an email to their colleagues informing them about the breach.

"Right now, our top priority is protecting the safety and security of anyone in the Capitol Hill community affected by the cyber hack," McCarthy and Jeffries wrote, describing the incident an "egregious security breach."

https://twitter.com/HouseAdmin/status/1633587951304159234?ref\\_src=twsrc%5Etfw

While the cause, size and scope of the data breach affecting DC Health Link are not known, a post published on a dark web forum on Monday appeared to advertise the hacked material for sale.

A threat actor known as IntelBroker claimed they breached the DC[.]gov Health Benefit Exchange Authority, stole information of US House members, and were now selling that information to interested parties.

A sample of the stolen data showed that it contained the personal information of approximately 170,000 affected individuals, according to a report by BleepingComputer.

The information compromised includes names, dates of birth, addresses, email addresses, phone numbers, Social Security Numbers and other sensitive details.

"I am looking for undisclosed amount in XMR cryptocurrency. Contact me on keybase @ IntelBroker. Middleman only," the threat actor said, adding that they have already sold the stolen information to at least one buyer.

Adam Hudson, a spokesman for the Health Benefit Exchange Authority, confirmed the breach in a statement, saying the personal data of some DC Health Link customers had been exposed on a public forum.

Hudson said the authority had initiated an investigation into the breach. "Concurrently, we are taking action to ensure the security and privacy of our users' personal information. We are in the process of notifying impacted customers and will provide identity and credit monitoring services."

The FBI confirmed it was aware of the incident and was assisting with the investigation.

"As this is an ongoing investigation, we do not have any additional information to provide at this time," a spokesperson added.