Hacker claims exposed database led to DC Health Link breach
This Risk & Repeat podcast episode covers the breach of health insurance exchange DC Health Link, as well as a hacker's claim that the breach was caused by an exposed database.
DC Health Link, a health insurance exchange based in Washington, D.C., suffered a data breach earlier this month, and an individual in possession of the data claimed the breach was caused by an exposed database.
The breach was first reported last week when U.S. House of Representatives members said their personal health data, as well as that of their families and staffs, was stolen in a data breach against the exchange. Although DC Health Link confirmed a breach in a statement to press at the time, more details came in a statement published to its website and on Twitter Friday.
According to the insurance exchange, the breach included personal data belonging to 56,415 customers. Though data fields varied by customer, compromised personal information included names, Social Security numbers, health plan and enrollee information, and more. On March 6, a hacker known as IntelBroker posted on a dark web forum attempting to sell the data, which the hacker said included information belonging to 170,000 individuals, in exchange for an undisclosed amount in the cryptocurrency Monero.
An additional wrinkle to the breach came Monday when another user on the same dark web forum using the alias Denfur, who had previously published sample data from the breach, created a thread supposedly aiming to clear up misinformation surrounding the breach.
Claiming to be a friend of IntelBroker, Denfur said the attack vector for the breach was an exposed, insecure database belonging to DC Health Link. Moreover, the poster said the database was likely exposed "for over a year and a half" before the breach occurred. TechTarget Editorial contacted DC Health Link in order to verify Denfur's claims, but a spokesperson declined to comment.
TechTarget editors Rob Wright and Alex Culafi discuss the DC Health Link breach, as well as how the breach may have occurred, in this episode of the Risk & Repeat podcast.
Subscribe to Risk & Repeat on Apple Podcasts and Spotify.
Alexander Culafi is a writer, journalist and podcaster based in Boston.