Kevin McCarthy and Hakeem Jeffries demand answers on ‘significant’ data breach affecting members and staff
House leadership from both parties is demanding answers about the ‘significant data breach’ of DC Health Link resulting in personal information like Social Security numbers of House members and their staff being sold on the ‘dark web.’
House Speaker Kevin McCarthy and House Minority Leader Hakeem Jeffries wrote to DC Health Benefit Exchange Authority Executive Director Mila Kofman Wednesday, seeking more information on the data breach of DC Health Link, a health insurance marketplace used by hundreds of congressional offices.
‘At this moment, the cause, size and scope of the data breach affecting DC Health Link could not be determined by the FBI,’ the letter states.
‘Thousands of House Members and employees from across the United States have enrolled in health insurance through DC Health Link for themselves and their families since 2014. The size and scope of impacted House customers could be extraordinary.’
The letter notes that the breach of data includes personal identifiable information (PII), like Social Security numbers.
‘The Federal Bureau of Investigation (FBI) also informed us that they were able to purchase this PII, along with other enrollee information on the ‘dark web’ breached from your systems, including names of spouses, dependent children, their Social Security numbers, and home addresses,’ the letter states.
‘This breach significantly increases the risk that Members, staff, and their families will experience identity theft, financial crimes, and physical threats — already an ongoing concern.’
The letter notes that, ‘fortunately, the individuals selling the information appear unaware of the high-level sensitivity of the confidential information in their possession, and its relation to the Members of Congress.
‘This will certainly change as media reports more widely publicize the breach.’
The House Chief Administrative Office emailed House staffers and members Wednesday informing them of the breach ‘exposing the Personal Identifiable Information (PII) of thousands of enrollees.’
In the email, the CAO gives information to members and staff about how to freeze their credit.
‘We are deeply concerned about DC Health Link’s data breach and the impact on our members and staff. We will continue to communicate any updates we receive from law enforcement to impacted members and staff,’ a CAO spokesperson told Fox News Digital.
Senate staffers also received a similar memo from their ‘Senate Operations Center’ regarding a breach.