Sensitive information of members of Congress, their staff and family members has been exposed in a data breach, according to House leaders. House Speaker Kevin McCarthy and House Minority Leader Hakeem Jefferies were able to purchase leaked information from health insurance marketplace DC Health Link on the dark web. .
The data included the names of the registered spouses, dependent children, social security numbers and home addresses, according to the letter. “This breach significantly increases the risk that members, staff and their families will be exposed to identity theft, financial crime and physical threats – already an ongoing concern,” the report states.
The FBI has not yet determined the size and scope of the breach, McCarthy and Jeffers said, though they note the impact on the home’s clients could be extraordinary. They note that thousands of House members and staff members from around the country have signed up for health insurance through DC Health Link since 2014.
“Fortunately,” the House leaders wrote, “the individuals selling information appear to be unaware of the high-level sensitivity of the classified information in their possession, and its relationship to members of Congress.” “This will certainly change with more widespread media reporting of the abuse.”
At this time, I do not know the scale and scope of the breach, but I have been informed by the FBI that the account information and [personally identifiable information] stole hundreds of members and House staff,” Kathryn L. Szbindor, the House’s chief administrative officer, wrote in a letter to her colleagues. Reports indicate that the data also includes details about Senators and their staff, but that information was apparently limited to their names. and the names of their family members.
NEW: The House Managing Director just emailed staff/members to say there has been a major data breach at DC Health Link – health insurance for House members and staff: @tweet pic.twitter.com/XP9Ehg1r0p
– Henry Rodgers (@henryrodgersdc) March 8, 2023
DC Health Benefits Exchange, the operator of DC Health Link, said it has opened an investigation. “We are in the process of notifying affected customers and will provide identity and credit monitoring services,” she said. NBC News in the current situation. The FBI has confirmed that it is aware of the incident, while the Capitol Police are assisting the agency in its investigation.
A member of a dark web forum reportedly claimed this week that they had data on 170,000 DC Health Link customers and were willing to sell the information. They later said that the information had been sold.
“We’re going to continue to work on this issue in a bipartisan way, get to the bottom of what happened, and find out the implications of what happened,” Jefferies said Thursday. “And we’ll also need some real reassurance about the firewalls that are in place to prevent this type of data breach from happening again.”
