Lawmakers Demand Answers for DC Exchange Breach That Exposed Data

A breach at DC Health Link that exposed protected health information for at least 17 current or former members of Congress plus hundreds of congressional staff resulted from human error in the form of a misconfigured database, the head of the health exchange testified.

At a joint hearing on April 19, members of two House subcommittees grilled Mila Kofman, executive director of the District of Columbia Health Benefit Exchange Authority, on the breach, which resulted in some information being posted on the dark web. [1]

“The cause of this breach is a server that was misconfigured, which allowed access to the two stolen reports without proper authentication,” Kofman told the House Administration Committee’s Oversight Subcommittee and the Committee on Oversight and Accountability Subcommittee on Cybersecurity, Information Technology, and Government Innovation. “To be clear, it was a human mistake.”

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field