The FBI is investigating a data breach affecting members and staff of the U.S. House of Representatives after their personal information was stolen from DC Health Link’s servers.
DC Health Link is responsible for administering health care plans for House members, staff, and their families. The breach potentially exposed the personal identifiable information (PII) of thousands of enrollees, including names, dates of birth, addresses, email addresses, phone numbers, Social Security numbers, and more.
While the email sent by the House Chief Administrative Officer didn’t provide details on the stolen data, a threat actor known as IntelBroker is selling the information on a hacking forum.
The sample of stolen data contains information for about 170,000 individuals, including subscriber ID, policy ID, plan name, plan metal level, carrier name, premium amount, and more.
The threat actor is seeking an undisclosed amount of XMR crypto currency and has claimed that the information has already been sold to at least one buyer. It is not known if House members were specifically targeted in the attack, and the investigation is ongoing.
The Health Benefit Exchange Authority confirmed that some of the stolen DC Health Link data was exposed online and that notifications would be sent to those affected.
The organization has initiated a comprehensive investigation and is working with forensic investigators and law enforcement. Credit monitoring services will be provided for impacted customers, as well as all customers, out of an abundance of caution. The investigation is ongoing, and more information will be provided as it becomes available.
The breach is just the latest in a string of cyberattacks targeting U.S. government entities and follows the SolarWinds attack in December 2020, which affected several government agencies. The incident underscores the need for increased cybersecurity measures and vigilance to protect against data breaches and cyberattacks.
