Foreign actors suspected in hack of DC Obamacare exchange, theft of House members' personal data

A malign foreign actor could be behind the theft of personally identifiable information of hundreds of House members and staff in the hack of an Obamacare health insurance exchange in the nation's capital, according to the chair of the House Administration Committee.

Lawmakers and their staff were notified a few days ago by the House chief administrative officer of the hack of the D.C. Health Link exchange.

While a perpetrator hasn't been identified, foreign influence is suspected, House Administration Chairman Bryan Steil told Just the News on Tuesday.

"There's a very detailed forensic audit ongoing about this," Steil said on the John Solomon Reports podcast. "Until that's completed, we don't have full answers to that. But it's not lost on any of us that there are both nefarious international actors as well as criminal gangs that try to get this to sell it for profit and are engaged in these types of data breaches all across the United States every single day."

House Chief Administrative Officer Catherine Szpindor sent a letter last week to those affected by the hack.

"Currently, I do not know the size and scope of the breach, but have been informed by the Federal Bureau of Investigation (FBI) that account information and PII of hundreds of Member[s] and House staff were stolen," Szpindor wrote. "I expect to have access to the list of impacted enrollees later today and will notify you directly if your information was compromised. DC Health Link will also likely contact you."

Out of caution, members should consider freezing their credit, the letter advised. 

"Speaker McCarthy and Democratic Leader Jeffries have formally requested additional information from DC Health Link," Szpindor reported, "on what data was taken, who was impacted, and what steps they are taking — including providing credit monitoring protections — to protect House victims of this breach." 

Former director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs surmised Sunday on "Face the Nation" that the hack could possibly be linked to a "Russian-linked cyber criminal." The former official, a key figure in federal efforts to recruit nongovernmental organizations to monitor and suppress alleged election "disinformation," cited no specific evidence for his speculation.

Steil emphasized the importance of getting to the bottom of the hack so it doesn't happen to anyone else. 

"Today, this is members and staff and others in Washington, D.C.," he said, "but tomorrow, this could be somebody sitting in my home in Janesville, Wisconsin or Kenosha, Wisconsin or anywhere else across the country as we continue to see nefarious actors engaged in identity theft and engage in data breaches across the country."