It did not appear that lawmakers were the specific target of the breach, Szpindor said. Speaker Kevin McCarthy (R-Calif.) and Democratic leader Hakeem Jeffries (D-N.Y.) have asked DC Health Link to provide further information, she added.
Senators and their staff were also affected by the breach, but it did not appear that data beyond their names and those of their family was exposed, the Associated Press reported.
The FBI told McCarthy and Jeffries that law enforcement officials found they could buy sensitive personal information from DC Health Link on the dark web, according to a letter sent by House leadership to the marketplace, “including names of spouses, dependent children, their social security numbers, and home addresses.”
“We have initiated a comprehensive investigation and are working with forensic investigators and law enforcement,” DC Health Link said in an email. “Concurrently, we are taking action to ensure the security and privacy of our users’ personal information.”
A broker on an online crime forum claimed to have records on 170,000 DC Health Link customers and was offering to sell the data, the AP reported. It was not able to verify the broker’s claim.