Cybercriminals recently hacked into DC Health Link and stole sensitive data belonging to approximately 17,000 people, including members of the US House of Representatives, and that data was then put up for sale on a hacking forum.
DC Health Link is a health insurance marketplace that supports health care plans for US House members, their employees and families.
Although officials could not share any details about the stolen data, BleepingComputer discovered that it was being sold by a cybercriminal operating under the name IntelBroker. The database includes names, dates of birth, addresses, email addresses, phone numbers, and Social Security numbers, which is more than enough for a successful identity theft campaign.
Acknowledgment of the breach
Officials were notified of the breach via email from Catherine L. Szpindor, Administrative Director of the United States House of Representatives.
“DC Health Link suffered a major data breach yesterday, potentially exposing the personal information (PII) of thousands of registered individuals. As a member or employee eligible for health insurance through DC Health Link, your details may have been included,” Szpindor was quoted as saying. “I don’t currently know the size and scope of the breach, but the Federal Bureau of Investigation (FBI) has informed me that account information and PII of hundreds of Member and House employees were stolen.
“It should be noted that MPs or the House of Representatives do not appear to be a specific target at this time.”
The news was then confirmed in a publication by Adam Hudson, the public information officer at the Office for Exchange of Health Benefits. In a statement sent to the media, Hudson confirmed that some of the data stolen as a result of the breach was leaked online.
“We can confirm reports that some DC Health Link customer details have been leaked in a public forum. We have launched a comprehensive investigation and are cooperating with investigators and law enforcement. At the same time, we are taking steps to ensure the security and privacy of our users’ personal information. We are in the process of notifying affected customers and will provide identity and credit monitoring services. In addition, out of great care, we will also provide credit monitoring services to all of our customers. The investigation is still ongoing and we will provide more information as we have more to share.”
The database also includes subscriber IDs, member IDs, plan names, coverage start and end dates, business emails, race, ethnicity, citizenship status, and more.
It was put up for sale earlier this week, with IntelBroker claiming it was stolen in a breach of the DC.gov Health Benefit Exchange Authority.
“I am looking for an undisclosed amount in XMR cryptocurrency. Contact me on keybase @ IntelBroker. Broker only,” the ad read. The hacker also said that at least one person has already made a purchase.
By: BleepingComputer