Serial hacker selling US House and Senate members' personal data

A health insurance company's security breach resulted in the exposure of 170,000 records, including those belonging to US House and Senate members.

Medical insurance company DC Health Link was breached, and the dataset with personal client information was listed for sale on the hacker forum. The exposed data included sensitive information of members of the House and Senate.

House Chief Administrative Officer Catherine Szpindor informed the affected politicians via an email shared by a reporter for the Daily Caller on Twitter.

The officer claimed that the scope of the breach is still unknown, but said that in collaboration with the FBI it expected to compile a list of affected US House and Senate members. Szpindor also urged potential victims to freeze their credit accounts to prevent identity theft.

Still publicly available

Reportedly, a threat actor referred to as "thekilob" or “IntelBroker” posted the dataset on a cybercriminal forum, claiming it contains records of 170,000 DC Health Link customers.

The forum included a sample of stolen data, including social security numbers, addresses, phone numbers, email addresses, and employer names of some of the customers. The records were claimed as stolen on Monday.

Cybernews tried to verify the information, but at the time of writing, the threat actor had been banned from the forum. However, the dataset containing the private data of DC Health Link was reposted by another threat actor, and was still publicly available on the same forum, according to a Cybernews researcher.

Screenshot from hacker forum | Source: Cybernews
Screenshot from hacker forum | Source: Cybernews

Data sold by a serial hacker

It is not the first high-profile breach posted by the same cybercriminal. Leaked data from US-based grocery delivery platform Weee! was posted on the cybercriminal forum by “IntelBroker”.

Wee! told Cybernews it was aware of the breach affecting some customers. The leaked logs included delivery notes that customers left for couriers, such as codes to enter residential or office buildings.

The threat actor listing Wee! data  | Source: Cybernews
Threat actor listing Wee! data | Source: Cybernews

In February, the same threat actor also leaked sensitive data of UScellular users. At the time, a spokesperson told Cybernews that the stolen data belonged to its customers and had been leaked during the recent breach of one of their third-party vendors.

The threat actor listing T-Mobile data  | Source: Cybernews
The threat actor listing T-Mobile data | Source: Cybernews

In January, US-based wireless carrier T-Mobile, reported that an unknown malicious individual had unlawfully accessed its network and obtained data on 37 million customers, which included their addresses, phone numbers, and dates of birth.

The dataset that was claimed to contain the stolen data from T-Mobile was also posted to cybercriminals forums under the name “IntelBroker”.

More from Cybernews:

LockBit adds Audio-Technica to victim list

TikTok suffers an outage

US cyber general warns Russia is not to be underestimated

ChatGPT Chrome extension pilfers Facebook accounts

Canadian engineering giant with military ties hit by ransomware

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked