The FBI is investigating a data breach affecting members and staff of the United States House of Representatives after their account and sensitive personal information was stolen from DC Health Link’s servers.
DC Health Link is the organization that administers the health care plans of US House members, their staff, and their families.
Affected individuals were notified of the breach today in an email from Catherine L. Szpindor, Executive Director of the United States House, as first reported by daily call.
“The DC Health Link suffered a major data breach yesterday, potentially exposing the personally identifiable information (PII) of thousands of enrollees. As a member or employee eligible for health insurance through the DC Health Link, your data may understood,” Szpindor said.
“Currently, I do not know the size and scope of the breach, but I have been informed by the Federal Bureau of Investigation (FBI) that the account information and the pit of hundreds of Mernber and House personnel were stolen.
“It is important to note that at this time it does not appear that any MPs or the House of Representatives were the specific target of the attack.”
Stolen data already for sale online
While the email sent by House CAO Szpindor does not contain any details regarding the stolen data, BleepingComputer has discovered that at least one threat actor (known as IntelBroker) is selling the information of members of the US House stolen from DC Health Link servers on hacking forum. .
A sample of data stolen with the header of the database shows that it contains the information of approximately 170,000 people concerned, including their names, dates of birth, addresses, e-mail addresses, telephone numbers , social security numbers and more (the full list is available below).
Subscriber ID,Member ID,Policy ID,Status,First Name,Last Name,SSN,DOB,Gender,Relationship,Benefit Type,Plan Name,HIOS ID,Plan Metal Level,Carrier Name,Premium Amount,Premium Total,Policy APTC,Policy Employer Contribution,Coverage Start,Coverage End,Employer Name,Employer DBA,Employer FEIN,Employer HBX ID,Home Address,Mailing Address,Work Email,Home Email,Phone Number,Broker,Race,Ethnicity,Citizen Status,Plan Year Start,Plan Year End,Plan Year Status
The data went on sale Monday, March 6, and IntelBroker claims it was stolen after violating the DC.gov Health Benefit Exchange Authority.
“I am looking for an undisclosed amount in XMR cryptocurrency. Contact me on keybase @IntelBroker. Broker only,” the threatening actor states.
The threat actor also claims that the stolen information has already been sold to at least one buyer.
A DC Health Link spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.