Hundreds of US lawmakers and their families are at risk of identity theft, financial scams, and potentially even physical threats after a known info-theft threat actor called IntelBroker made House of Representatives members’ personally identifiable information (PII) available for sale on the “Breached” criminal forum.
The information, confirmed as being obtained via a breach at health insurance marketplace DC Health Link, includes names, Social Security numbers, birth dates, addresses, and other sensitive identifying information. The data on the House members was part of a larger data set of PII belonging to more than 170,000 individuals enrolled with DC Health Link that the threat actor put up for sale this week.
DC Health Link: A Significant Breach
In a March 8 email to members of the House and their staff, US House Chief Administrative Officer Catherine Szpindor said the attack on DC Health Link does not appear to have specifically targeted US lawmakers. But the breach was significant and potentially exposed PII on thousands of people enrolled with DC Health Link.
“The FBI also informed us that they were able to purchase this PII, along with other enrollee information, on the Dark Web,” Speaker of the House Kevin McCarthy (R-Calif.) and House Minority Leader Hakeem Jeffries (D-N.Y.) said in a joint letter to the executive director at DC Health Link on March 8. The letter sought specifics from the health exchange on the breach, including details on the full scope of the attack and DC Health Link’s plans to notify affected individuals and offer credit monitoring services for them.
Despite the letter, details of the intrusion at DC Health Link are not yet available. The organization, governed by an executive board appointed by the DC mayor, did not immediately respond to a request for comment on the incident.
A report in BleepingComputer this week first identified the threat actor as the appropriately named IntelBroker, after the cybercriminals put the stolen data up for sale on March 6. According to the underground forum ad, the data set is available for “an undisclosed amount in Monero cryptocurrency.” Interested parties are asked to contact the sellers via a middleman for details.
IntelBroker’s Resume of Previous Breaches
This is not the first big heist for the group: A threat actor, using the same moniker in February, had claimed credit for a breach at Weee!, an Asian and Hispanic food delivery service. IntelBroker later leaked some 1.1 million unique email addresses and detailed information on over 11.3 million orders placed via the service.
Security vendor Bitdefender, which covered the incident in its blog at the time, published an ad that IntelBroker placed on BreachedForums that showed the attacker boasting about obtaining full names, email addresses, phone numbers, and even order notes, which included apartment and building access codes.
Meanwhile, Chris Strand, chief risk and compliance officer at Cybersixgill, says his company has been tracking IntelBroker since 2022 and is about to release a report on the actor. “IntelBroker is a highly active Breached member with a 9/10 reputation score, who claimed in the past to be the developer of Endurance ransomware,” Strand says.
IntelBroker’s use of Breached to sell the health exchange PII, instead of a dedicated leak site or a Telegram channel, is consistent with the threat actor’s previous tactics. It suggests either a lack of resources or inexperience on the individual’s part, Strand says.
“In addition to IntelBroker’s presence on Breached, the threat actor has maintained a public GitHub repository titled Endurance-Wiper,” he tells Dark Reading.
In November, IntelBroker claimed that it used Endurance to steal data from high-level US government agencies, Strand notes. The threat actor has in total made some 13 claims about breaching top US government agencies, likely to attract customers to a ransomware-as-a-service (RaaS) program. Other organizations that IntelBroker claims to have broken into include Volvo, cult footwear maker Dr. Martens, and an Indonesian subsidiary of The Body Shop.
“Our intelligence analysts have been tracking IntelBroker since 2022, and we have been collecting intel attributed to that threat actor since then, as well as associated threats that have been related or attributed to IntelBroker,” Strand says.
Is House Members’ PII a National Security Threat?
Justin Fier, senior vice president of red team operations at Darktrace, says the threat actor’s reason for putting the data up for sale appears to be purely financially motivated rather than political. And given the high profile of the victims, IntelBroker may find that the attention the breach is garnering will increase the value of the stolen data (or bring more heat than it would like).
The buyers might be another story. Given the availability of physical addresses and electronic contact information, the kinds of potential follow-on attacks are myriad, ranging from social engineering for identity theft or espionage, to physical targeting, meaning that interested parties could run the gamut in terms of motivation.
“The amount tells you a great deal about who they may be thinking of in terms of buyers,” he says. If all that the threat actor ends up asking is a couple of thousand dollars, they are likely to be a smaller criminal enterprise. But “you start talking millions, they are clearly then catering to nation-state buyers,” he says.
Fier assesses the data that the threat actor stole on US House members as potentially posing a national security issue. “We shouldn’t only think external nation-states that might want to purchase this,” Fier says. “Who is to say that other political parties and/or activists couldn’t weaponize it?”
- Source: https://www.darkreading.com/application-security/us-lawmakers-cyberattacks-physical-harm-dc-health-link-breach