DC Health Link 2023 Data Breach

DC Health Link 2023 Data Breach: Congressional and Member Data Exposed

Healthcare / Health Insurance Marketplace / Government / Consumer

DC Health Link 2023 Data Breach: Congressional and Member Data Exposed

Health-insurance marketplace for the District of Columbia.

Confirmed · ObscureIQ Intelligence
Limited DisclosureThis breach involves high-visibility individuals, so confirming who appears in it could enable targeting. We do not disclose presence publicly or to third parties. Check your own exposure privately below.
Breach Risk Index i
44/100
Lower riskHigher risk
Moderate: notable exposure with meaningful misuse potential.
Data Sensitivity i
Restricted
Being associated with this breach can itself be harmful. Disclosure is limited and presence is not confirmed to unverified parties.
48KRecords
2023Year

The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.

Crucial data exposed
SSNSocial Security Number
AddressPhysical address
Classification Tags
HealthcareMedical2023

Breach Summary

In March 2023 DC Health Link exposed data on about 56,415 customers, including Members of Congress, staff and families. Exposed data included names, Social Security numbers, dates of birth, gender, health-plan and employer information, citizenship status, ethnicity and contact details; a misconfigured server was cited as the likely cause.

Full threat analysis, exploitation vectors, and principal guidance below.

10 additional sections · verified field analysis · defensive doctrine

Querying breach corpus…
Cross-referencing exposed field types…
Resolving threat-actor attribution…
Compiling principal risk advisory…

48K records analyzed

About DC Health Link

DC Health Link is the health-insurance exchange for the District of Columbia, covering DC residents including Members of Congress and their staff and families.

Why They Hold Your Data

A health-insurance marketplace holds enrollee identity and contact data, SSNs, dates of birth, gender, citizenship/ethnicity, and health-plan and employer information.

Recent Developments

A March 2023 exposure, attributed to a misconfigured server, drew Congressional hearings given the affected population.

Data Points Exposed

11 verified field types
Date of Birth High
Email Address
Employer
Ethnicity Or Race
Full Name
Gender
Nationality Or Citizenship
Phone Number
Physical address High
Social Security Number Critical
Transaction History

Breach Impact

The breach triggered Congressional oversight hearings and heightened concern about targeting of lawmakers, their staff and families.

Exploitation & Downstream Threats

• Identity theft and synthetic identity construction using government-issued IDs | • Identity verification bypass using name + date of birth combination | • SIM swap attacks where phone numbers are present | • Targeted phishing campaigns using exposed email addresses | • Doxxing risk from physical address exposure | • Employment-based social engineering using job and employer data

Principal Risk Advisory

What this means for a principal

A healthcare-linked breach: exposure ties a named individual to a provider relationship and, where clinical or insurance data is present, to conditions and treatment. For a high-profile principal this is targeting-grade, not merely identity-theft-grade: the combination lets an adversary locate, impersonate, or pressure the principal with little additional work.

What You Should Do

  1. Freeze credit at all three bureaus and monitor for new-account and tax-refund fraud.
  2. Treat the home address as exposed: review mail and package handling and physical-security routines, and brief household staff to verify unusual requests.
  3. Guard against SIM-swap and vishing: add a carrier port-out PIN and verify any 'support' calls independently.
  4. Do not use unofficial 'am I affected' lookups; several are themselves harvesting operations.

How ObscureIQ Can Help

  1. Corpus confirmation: determine whether and where the principal (plus household and staff) appear in this dataset and which specific fields are exposed for them.
  2. Exposure mapping and footprint neutralization: cross-reference against broker-available data and suppress still-removable elements, prioritizing address and phone, since this record re-seeds broker networks.
  3. ThreatWatch tuned to this incident's identifiers and misuse pattern (impersonation and targeting patterns, not generic credential monitoring).

Protect Yourself

Protect Yourself: Limited Disclosure

Check If You’re Affected: Verification Required

Because this breach involves public-facing or high-profile individuals, confirming anyone’s presence could aid harassment or targeting. We confirm exposure only to the individual concerned. Verify your identity to privately check your own exposure.

We will only confirm whether a specific person appears in this breach to that person.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation