(Reuters) — A serious breach of a health care administrator serving the U.S. House of Representatives has potentially exposed the personal data of hundreds of lawmakers and their staff, representatives and a senior congressional official said in letters circulated on Wednesday.
One of the letters, which House Chief Administrative Officer Catherine Szpindor sent to members of Congress and seen by Reuters, said a “significant data breach” at DC Health Link had potentially exposed the personal information of thousands of enrollees.
“At this time, I do not know the size and scope of the breach,” Szpindor wrote, although she said the FBI had told her that “hundreds of House members and staff”; had been affected.
“At this time, it does not appear that members of the House of Representatives were the specific targets of the attack,” she added.
The CAO’s office confirmed the breach and said it was “deeply concerned”. DC Health Link said in a statement that “we can confirm reports that the data of some DC Health Link customers has been exposed in a public forum.”
It did not name the forum but said it was working with investigators and law enforcement. The FBI did not immediately return messages seeking comment.
Another letter sent on behalf of House Speaker Kevin McCarthy and House Minority Leader Hakeem Jeffries and shared with Reuters said the breach came from a “cyber hack” and that lawmakers and their families in both parties had been affected, calling the incident a “security emergency.” . crime.”
Both Republican and Democratic lawmakers released statements saying they were investigating.
News of the breach was first reported by a Daily Caller journalist on Twitter.