Significant hack potentially exposes lawmakers’ personal data
(Reuters) — A serious breach at a health care administrator serving the U.S. House of Representatives has potentially exposed the personal data of hundreds of lawmakers and their staff, representatives and a senior Congressional official said in letters circulated Wednesday.
One of the letters, which House Chief Administrative Officer Catherine Szpindor sent to members of Congress and which Reuters saw, said a "significant data breach" at DC Health Link had potentially exposed the personal information of thousands of enrollees.
“Currently, I do not know the size and scope of the breach, Ms. Szpindor wrote, although she said the FBI had told her that “hundreds of Members and House staff” had been affected.
“At this time, it does not appear that Members of the House of Representatives were the specific targets of the attack,” she added.
The CAO's office confirmed the breach and said it was “deeply concerned.” DC Health Link said in a statement that “we can confirm reports that data for some DC Health Link customers has been exposed on a public forum.”
It did not name the forum but said it was working with investigators and law enforcement. The FBI did not immediately return messages seeking comment.
Another letter sent on behalf of House Speaker Kevin McCarthy and House Minority Leader Hakeem Jeffries and shared with Reuters said the breach came from a “cyber hack” and that lawmakers and their families in both parties had been hit, calling the incident an "egregious security breach."
Republican and Democratic lawmakers alike released statements saying they were investigating.
News of the breach was first reported by a Daily Caller journalist on Twitter.
