DCHealth
dchealthlink.com
About This Breach
The D.C. Health Link Data Breach, attributed to a Russian hacker named “Denfur” and motivated by Russian patriotism, has compromised sensitive healthcare information of 56,415 customers, including Congress members and their families. The breach, first reported on March, 2023, involved names, email addresses, Social Security numbers, and insurance details. Despite its low technical sophistication, the breach was effective, exposing a wide range of individuals in the D.C. area to potential identity theft and cyberattacks.
Data Exposed
Breach Details
| Breach Type | Data Breach |
| Searchable | No |
| Verified | Yes |
| Sensitive Data | Yes Sensitive |
| Reference | No reference available |
Frequently Asked Questions
When did the DCHealth data breach happen?
DCHealth was breached in Mar 2023. The breach was added to the XposedOrNot index on April 10, 2024.
How many records were exposed in the DCHealth breach?
48,184 records were exposed, making it the #719 largest of the 763 breaches in our index.
What data was exposed in the DCHealth breach?
The exposed data includes: Email addresses, Ethnicities, Genders, Phone numbers, Names, Physical addresses, Social security numbers.
What should I do if I was affected by the DCHealth breach?
Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.
More Health Care Breaches
What Should You Do?
Enable Two-Factor Authentication
Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.
Place a Fraud Alert
Contact credit bureaus to place a fraud alert or credit freeze to prevent identity theft.
Watch for Phishing Calls & SMS
Be cautious of unexpected calls or texts asking for personal information.
Beware of Scam Mail
Be skeptical of unexpected correspondence requesting personal details.
Monitor Your Accounts
Set up login alerts and review account activity regularly for suspicious access.