WASHINGTON – A “significant data breach” in Washington, DC’s health insurance marketplace potentially exposed the personally identifiable information of hundreds of lawmakers and staffers, a top House official said Tuesday.
In a letter obtained by NBC News, Chief Administrative Officer Katherine L. Szpindor said Wednesday that the US Capitol Police and the FBI had alerted him about the data breach at DC Health Link.
“At present, I do not know the size and scope of the breach, but have been informed by the Federal Bureau of Investigation (FBI) that account information and [personally identifiable information] Hundreds of members and House staff were stolen,” Szpindor said. “I expect to have access to the list of affected enrollees later today and will notify you directly if your information was compromised.”
Szpindor said it did not appear House legislators were a “specific target of attack” over the DC Health link.
The data breach has also affected Senate offices, according to an email sent to Senate offices on Wednesday afternoon.
The notice states that “the data includes full name, date of enrollment, relationship (self, spouse, child), and email address, but no other personally identifiable information (PII).”
NBC News has contacted the FBI, Capitol Police and DC Health Link for comment.
a reporter for punchbowl news Szpindor’s letter first reported.
Szpindor said, “out of an abundance of caution,” lawmakers may choose to freeze family credit at the three major credit bureaus, Equifax, Experian and TransUnion.
According to Szpindor’s letter, House Speaker Kevin McCarthy, R-Calif., and House Minority Leader Hakeem Jefferies, DN.Y, requested additional information from DC Health Link on what data was taken, who was affected and why What steps were being taken to protect the victims of the violations.