A "Big data breach" in the Washington, D.C. health insurance market that may have exposed personal information of hundreds of lawmakers and staff members, a senior House official said Tuesday.
In a letter obtained by NBC News today, the CEO (Kathryn L. Szbindor) said the US Capitol Police and the FBI have brought a data breach at DC Health Link, an online health service provider that manages health care, to its attention. Marketplace has plans for members of Congress and some Capitol Hill employees.
"At this time, I do not know the scale and scope of the breach, but the FBI has informed me that hundreds of lawmakers and House staffers have had their account information and personally identifiable information stolen," Spindall said. "I hope the list of affected employees arrives later today and I will notify you directly if your information is stolen," she added.
Szbindor added that the House members appear to have no intention of attacking DC Health Link.
The data breach also affected the Senate office, according to an email sent to the Senate chancellery Wednesday afternoon, in which it was stated that “Law enforcement notified the Senate censor of the data breach.
"The data included: full name, date of enrollment, relationship (individual, spouse, and child), and an email address, but no other personally identifiable information," the statement said.
A spokesperson for D.C. Health Exchange, which operates DC Health Link, said Wednesday that it had launched an investigation into the hack.
"We have launched a thorough investigation and are cooperating with detectives and law enforcement agencies," the spokesperson said in a statement. At the same time, we take measures to ensure the security and confidentiality of users' personal data. "We are notifying affected customers and will provide identity and credit monitoring services," he added.
The spokesperson said that a credit monitoring service has also been made available to all affected customers.
Out of "extreme caution," Szbindor said lawmakers could decide to freeze household loans at the three big credit bureaus: Equifax, Experian, and Transunion.