Federal officials are investigating a data breach of a District of Columbia health insurance marketplace that potentially exposed sensitive personal data on lawmakers, their families and congressional staffers.
House and Senate lawmakers were told Wednesday that hackers may have obtained access to their data via a breach hitting DC Health Link.
The FBI said in a statement Thursday that it was aware of the incident and was assisting.
House Chief Administrative Officer Catherine Szpindor told lawmakers and their staffs that the FBI believed data on hundreds of them was stolen, according to a letter from Ms. Szpindor obtained by Punchbowl News.
A sample of stolen data reviewed by The Associated Press included Social Security numbers, addresses, phone numbers and emails.
The Committee on House Administration said it’s trying to protect people from becoming victimized. “Chairman [Bryan] Steil is aware of the breach and is working with the CAO to ensure the vendor takes necessary steps to protect the [personally identifiable information] of any impacted member, staff and their families,” the committee tweeted Wednesday.
Records from the data breach appeared available for sale in an online crime forum by a broker who claimed the data was stolen Monday and who said it amassed info on 170,000 DC Health Link customers.
Precisely who is responsible for the breach is not immediately clear. A broker communicating in an encrypted chat with the AP said it was acting on behalf of a seller identified as thekilob.
• This article was based in part on wire-service reports.
