English
Estonian
Latvian
Lithuanian
Polish
Romanian
Russian
Ukrainian
Federal officials are investigating a data breach of a Washington health insurance marketplace that exposed sensitive personal data such as Social Security numbers connected to lawmakers, their families and congressional staffers.
House and Senate lawmakers were told Wednesday that hackers may have obtained access to their data via a breach hitting DC Health Link.
The FBI said in a statement Thursday that it was aware of the incident and was assisting.
Speaker Kevin McCarthy and House Minority Leader Hakeem Jeffries, in a letter to the DC Health Benefit Exchange Authority obtained by NBC, warned that the fallout from the breach could be “extraordinary.” The letter said the FBI purchased from the dark web some of the hacked material, including Social Security numbers and other data connected to lawmakers and congressional staffers.
House Chief Administrative Officer Catherine Szpindor told lawmakers and their staffs that the FBI believed data on hundreds of them was stolen, according to a letter from Ms. Szpindor obtained by Punchbowl News.
A chief administrative office spokesperson said Thursday that the office would send updates to lawmakers and staffers that it gets from law enforcement.
A sample of stolen data reviewed by The Associated Press included Social Security numbers, addresses, phone numbers and emails.
The Committee on House Administration said it’s trying to protect people from becoming victimized. “Chairman [Bryan] Steil is aware of the breach and is working with the CAO to ensure the vendor takes necessary steps to protect the [personally identifiable information] of any impacted member, staff and their families,” the committee tweeted Wednesday.
Records from the data breach appeared available for sale in an online crime forum by a broker who claimed the data was stolen Monday and who said it amassed info on 170,000 DC Health Link customers.
Precisely who is responsible for the breach is not immediately clear. A broker communicating in an encrypted chat with the AP said it was acting on behalf of a seller identified as thekilob.
• This article was based in part on wire service reports.
