WASHINGTON — A top House official said that a “significant data breach” at the health insurance marketplace for Washington, D.C., on Tuesday potentially exposed personal identifiable information of hundreds of lawmakers and staff.
In a letter obtained by NBC News, Chief Administrative Officer Catherine L. Szpindor said Wednesday that the U.S. Capitol Police and the FBI had alerted her to a data breach at DC Health Link.
“Currently, I do not know the size and scope of the breach, but have been informed by the Federal Bureau of Investigation (FBI) that account information and [personally identifiable information] of hundreds of Member and House staff were stolen,” Szpindor said. “I expect to have access to the list of impacted enrollees later today and will notify you directly if your information was compromised.”
Szpindor added that it did not appear that House lawmakers were “the specific target of the attack” on DC Health Link.
The data breach has also affected Senate offices, according to an email sent to Senate offices Wednesday afternoon.
The notice said that the “data included the full names, date of enrollment, relationship (self, spouse, child), and email address, but no other Personally Identifiable Information (PII).”
The FBI, Capitol Police and DC Health Link did not respond to requests for comment.
A reporter for Punchbowl News first reported on Szpindor’s letter.
Out of an “abundance of caution,” Szpindor said, lawmakers may opt to freeze family credit at three major credit bureaus, Equifax, Experian and Transunion.
According to Szpindor’s letter, House Speaker Kevin McCarthy, R-Calif., and House Minority Leader Hakeem Jeffries, D-N.Y., requested additional information from DC Health Link on what data was taken, who was affected and what steps were being taken to protect House victims of the breach.