
A cyberattack targeting the U.S. Capitol has resulted in the personal information of over 3,000 congressional staffers being leaked onto the dark web. This breach was uncovered by Proton, a Switzerland-based cybersecurity firm, which worked alongside Constella Intelligence to investigate the extent of the damage.
According to Proton’s findings, about 1 in 5 Capitol Hill staffers had their personal data exposed as a result of the attack. The investigation revealed that more than 1,800 passwords linked to Capitol staffers were leaked. These passwords were compromised when staffers used their official government email addresses to sign up for various high-risk platforms, including dating apps, social media, and adult websites.
In one particularly alarming case, a Capitol Hill employee had 31 different passwords exposed online. Overall, the breach affected 3,191 staffers, highlighting widespread vulnerabilities in how government employees handle their personal cybersecurity.
Proton stated that many of the exposed passwords ended up on the dark web due to staffers using official email addresses for non-governmental services. These platforms were later breached, leaving sensitive information available for purchase or exploitation by hackers.
The breach has raised concerns about how Capitol Hill staffers handle their personal data, especially when using official email addresses for personal accounts. Cybersecurity experts are calling for stricter measures to protect sensitive government information and prevent future breaches of this scale. The attack serves as a warning about the dangers of mixing official emails with personal accounts on insecure websites.