DC Health Link Breach Could Lead to Lawmaker Blackmail, Extortion

DC Health Link, the Washington, D.C., health insurance marketplace, recently suffered a breach impacting more than 56,400 customers. That list includes federal lawmakers and their families.

One cybersecurity expert said the stolen data could easily be used for blackmailing and extorting lawmakers.

DC Health Link confirmed the breach on its website. It said the breach has impacted 56,415 customers. Among the stolen data are names, Social Security numbers, dates of birth, gender, health plan information, employer information and enrollee information.

The health insurance marketplace has offered impacted customers three years of free identity and credit monitoring for all three major credit bureaus. It’s also offering three years of monitoring to all other customers.

In the meantime, DC Health Link said the investigation into the breach is continuing. It also said its services are running normally and “we continue to operate in a state of heightened alert.”

Cybersecurity analyst Chris Krebs on Sunday told CBS News that a Russian-linked cybercriminal is likely behind this breach.

“Russia allows a very pervasive environment and permissive environment for cybercriminals,” he said. “It actually helps the kind of broader Russian strategic objective to undermine confidence in the U.S.’s ability to protect citizens. It actually brings a significant amount of revenue into Russia.”

Scroll through our slideshow above for the very latest on the DC Health Link breach.