More than 3,000 congressional staffers had their personal information leaked in a significant cyberattack targeting the U.S. Capitol. The breach, uncovered by Swiss cybersecurity firm Proton, revealed that many Capitol Hill employees had used their official email addresses to sign up for risky online platforms like dating apps and adult websites.
Proton worked alongside the U.S.-based Constella Intelligence to investigate the breach. Their findings showed that 1 in 5 Capitol Hill staffers had personal data available on the dark web. The investigation revealed that 1,800 passwords were leaked online, putting the security of sensitive information at risk.
In a statement to The Washington Times, Proton said the exposure was largely due to staffers using their government email addresses for non-work-related purposes, often on compromised platforms. These platforms were involved in previous data breaches, which led to Capitol staffers’ passwords and other sensitive data being released.
One alarming case involved a single Capitol employee who had 31 passwords exposed. Overall, the breach affected 3,191 staffers, highlighting the need for better cybersecurity practices within government offices.
This incident serves as a reminder of the importance of safeguarding personal information, especially for those in sensitive government positions. The fallout from this attack is expected to continue as security experts assess the potential impact.