Threat actors breached the DC Health Link network, the healthcare administrator that serves the U.S. House of Representatives. Researchers say the data breach impacted roughly 170,000 persons.
Among those, there are hundreds of U.S. House members, their staff, top representatives, and a senior Congressional official. They might all have their personal data leaked on dark forums as we speak.
Although this ransomware attack does not seem to purposely target the House of Representatives, the FBI is investigating the incident.
What Kind of Data Was Stolen
According to Bleepingcomputer, a threat actor known as IntelBroker already sold a database extracted from DC Health Link’s servers. The sample contains personal information about 170,000 people:
- Complete name,
- Date of birth,
- Home and email address,
- Phone number,
- Social security number,
- Policy APTC, etc.
A sensitive information data leakage can lead to impersonation, phishing attacks, and blackmail.
The data was posted for sale on Monday, March 6, and IntelBroker claims it was stolen after breaching the DC. gov Health Benefit Exchange Authority.
The threat actor announced that he`s interested in XMR crypto currency and has already sold the database to one client.
What Did the U.S. House Have to Say?
The House’s Chief Administrative Officer Catherine Szpindor (CAO) announced the members of Congress about the attack. She said that a ”significant data breach” at DC Health Link had allegedly exposed the personal information of thousands of members.
Although she stated that the FBI claims ”hundreds of Member and House staff” are affected, Szpindor also added that:
At this time, it does not appear that Members of the House of Representatives were the specific targets of the attack.
The letter also advised the affected people to freeze family credits, to protect themselves from potential identity theft.
And if you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
Do you work for an NHS Trust? Heimdal is giving you free ransomware licenses to combat growing cyber attacks.
Get your free ransomware protection here.