Hundreds of congressional leaders and staff had their data stolen by threat actors through DC Health Link, the health insurance marketplace for Washington. An email notifying House members and staff of the breach was first revealed by the Daily Caller.
Calling it a “significant data breach,” the Capitol Police and DC Health Link notified House of Representatives Chief Administrative Officer Catherine Szpindor late March 8 that the personally identifiable information of thousands of health insurance enrollees may have been exposed.
The scope and source of the hack is currently unknown. The FBI has confirmed that the account information and PII of “hundreds of members and staff” were included in the stolen information.
However, the data appears to not only have been leaked online: the dark web posting on IntelBroker, is listed as “SOLD.” IntelBroker, or Endurance, emerged in October 2022 and uses a “small wiper malware written in C# using the .NET framework.”
A screengrab posted on Twitter shows IntelBroker first compromised the DC Health Link Health Benefit Exchange Authority in the early hours of Monday, March 6. The actor claims “to be in possession” of the data tied to 170,000 individuals.
A screen image via Twitter of stolen information from DC Health Link for sale on a hacking forum that includes personally identifiable information. (via @Video_Forensics)
The alleged stolen data includes subscriber, policy, and member IDs, full names, Social Security numbers, dates of birth, gender, benefit types, plan and carrier names, employers, home addresses, brokers, citizen status,