Lawmaker and Staffer Health Data Exposed in Insurance Breach


The attack on local insurance company DC Health Link threatens to expose personal information of House lawmakers and Hill staffers.

Sensitive health data from both lawmakers and staffers in the U.S. House of Representatives has been compromised following a cyberattack on a District of Columbia health insurance provider.

Multiple outlets reported Wednesday that DC Health Link suffered a data breach earlier this week. The company confirmed to Nextgov that data for select DC Health Link customers had been exposed on an unnamed public forum. Following the breach, the company said it is working with law enforcement and forensic investigators to determine the scope of the breach and mitigate its effects. 

“We are taking action to ensure the security and privacy of our users’ personal information,” DC Health Link said in a statement. “We are in the process of notifying impacted customers and will provide identity and credit monitoring services. In addition, and out of an abundance of caution, we will also provide credit monitoring services for all of our customers.”

News that staff and lawmakers within the House had been impacted by this breach broke later on Wednesday, with reporters citing a letter sent from the House Chief Administrative Office to chamber members. 

A spokesperson for the CAO told Nextgov that the office is “deeply concerned” about the data breach at DC Health Link and its impact on members of Congress and staff. 

“We will continue to communicate any updates we receive from law enforcement to impacted members and staff,” the spokesperson said. 

While the spokesperson couldn’t confirm the validity of the letter obtained by several news outlets and signed by CAO Chief Administrative Officer Catherine Szpindor, the document noted that legislators and their staff did not appear to be intended targets of the cyberattack on DC Health Link. It also suggested that lawmakers and staffers who are customers of DC Health Link and may have had personal information compromised freeze their credit “out of an abundance of caution.”

The letter also stated that House Speaker Rep. Kevin McCarthy, R-Calif., and Minority Leader Hakeem Jeffries, D-N.Y., have requested more information on the breach from DC Health Link.

Cybersecurity has been a popular topic on Capitol Hill as data breaches increasingly impact national security. Bills, executive orders, and a new National Cyber Strategy all prioritize strengthening the nation’s digital defenses as cyber threats have become more pervasive.