A massive cyberattack has exposed the personal information of over 3,000 congressional staffers on the dark web, according to reports.
Switzerland-based security firm Proton, in collaboration with U.S.-based Constella Intelligence, uncovered the leak, which includes more than 1,800 passwords belonging to Capitol Hill staffers.
Proton’s investigation revealed that nearly 1 in 5 congressional staffers had sensitive information compromised, with the data leaks originating from a variety of sources like social media, dating apps, and adult websites.
Many staffers reportedly used their official email addresses for these services, leading to the breaches.
One alarming case found a single staffer with 31 exposed passwords, while the overall leak impacted around 3,191 individuals.
Proton warned that compromised sites had made this information accessible to malicious actors on the dark web.
In a statement to The Washington Times, Proton noted, “Many of these leaks likely occurred because staffers used their official email addresses to sign up for various services, including high-risk sites such as dating and adult websites, which were later compromised in data breaches.”
The breach has raised significant concerns about the security of personal data within government institutions.
LOOK:
Thousands Of Capitol Hill Staffers’ Info Compromised After Using Gov’t Emails On Dating, Porn Sites https://t.co/5z5jvSHoCu
— IJR (@TheIJR) September 24, 2024
The leak has not only compromised sensitive information but also made it accessible to malicious actors on the dark web, raising concerns about potential misuse and exploitation.
As investigations continue, cybersecurity experts stress the need for stricter protocols and greater awareness among government employees to protect their digital identities.
The breach serves as a critical reminder of the growing threat of cyberattacks and the importance of safeguarding personal information, particularly for those in sensitive roles.
Government agencies will likely face increased pressure to enhance their cybersecurity measures to prevent further breaches of this magnitude.