A data breach at Washington, D.C.-based health insurance marketplace DC Health Link has blown open a can of worms for the company, not to mention security concerns for those affected. Reportedly, members and staff of the US House of Representatives were affected by the data breach.
According to Daily Caller, whose chief national correspondent Henry Rodgers first reported the matter, the House Chief Administrative Officer Catherine Szpindor notified the House staff of the breach in a letter.
The letter spells out affected data to include personally identifiable information (PII) of thousands of enrollees. “Currently, I do not know the size and scope of the breach but have been informed by the Federal Bureau of Investigation (FBI) that account information and PII of hundreds of Members and staff were stolen,†Szpindor wrote.
“I expect to have access to the list of impacted enrollees later today and will notify you directly if your information was compromised.†DC Health Link provides healthcare insurance to House members and staff under the Affordable Care Act.
NEW: The Chief Administrative Officer of the House just emailed staffers/members to say there’s be a significant data breach at DC Health Link – the health insurance for House members and staff: @DailyCallerOpens a new window pic.twitter.com/XP9Ehg1r0pOpens a new window
— Henry Rodgers (@henryrodgersdc) March 8, 2023Opens a new window
While DC Health Link and the government ascertain the scope of the breach, a threat actor going by the name IntelBroker has claimed to have said data and is selling it on a cybercriminal forum. “Although no hacking group has yet claimed the attack, notorious threat actor IntelBroker is selling the stolen information on a hacking forum,†Nick Tausek, lead security automation architect at Swimlane, told Spiceworks.
IntelBroker claims they have data on 170,000 individuals. The threat actor, which emerged in October 2022, notes they have already sold the data, which they claim includes subscriber ID, policy ID, member ID, status, full names, Social Security numbers, dates of birth, gender, benefit types, relationship, plan names, plan metal level, HIOS ID, carrier names, premium amount, employers, home addresses, work and personal emails, phone numbers, citizen status, race, ethnicity, and more.
House Member and Staff Data Obtained in DC Health Link Data Breach | Source: Video ForensicsOpens a new window
See More: Acer Confirms Breach as Hacker Begins To Sell Stolen IP for Monero
“IntelBroker is already requesting payment in the form of cryptocurrency in exchange for the stolen information, so it is likely that this breach could turn into a ransom situation, with the government facing great pressure to resolve the situation given the level of confidentiality that comes along with the officials targeted,†Tausek continued to tell Spiceworks.
“In the event that this does become a ransom situation, however, the federal government should abide by its own advice and not pay the ransom — after all, paying the ransom does nothing to ensure that the data is not still sold, or utilized as leverage in a multiple-extortion campaign.â€
TThe FBI is investigating the incident. According to NBC News, House Speaker Kevin McCarthy (R-CA) and House Minority Leader Hakeem Jeffries (D-N.Y.), in a letter to the head of the DC Health Benefit Exchange Authority, said the FBI had purchased some of the data, including Social Security numbers from IntelBroker.
Tausek added, “It goes without saying that government officials are extremely hot targets for cybercriminals given their status, power, and the level of chaos that can ensue when these officials’ personal information is released to the public.â€
The breach can expose those affected to identity theft, financial crimes, and physical threats. In her letter, Szpindor recommended individuals freeze credit for the time being.
“To better defend against similar cyber incidents, it is essential that organizations adopt systemwide low-code security automation that enables them to leverage streamlined detection and implement proper incident response to ensure first-rate protection free of human error. By adopting low-code security automation tools, companies can achieve a cohesive protection strategy that prevents threat actors from accessing sensitive data,†Tausek said.
Let us know if you enjoyed reading this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!
Image source: Shutterstock