(Newsweek) Personal information of more than 3,000 congressional staffers has been leaked across the dark web in a wide-ranging cyberattack on the Capitol, according to reports.
Internet security firm Proton found over 1,800 passwords used by staffers in Congress available on the dark web, through an investigation of exposed accounts among U.S. political staffers, according to TheWashington Times.
Proton, which is based in Switzerland and worked with U.S.-based firm Constella Intelligence on the investigation, estimated that almost 1 in 5 congressional staffers had personal information available on the dark web. Proton said the leaks came from several sources, including social media, dating apps, and “adult websites.”
In one instance, the report found that a single staffer had 31 passwords exposed online. The full report said that around 3,191 staffers were affected by the leaks overall.
“Many of these leaks likely occurred because staffers used their official email addresses to sign up for various services, including high-risk sites such as dating and adult websites, which were later compromised in data breaches,” Proton told The Washington Times.
This situation highlights a critical security lapse, where sensitive work-related emails became entangled with less secure, third-party platforms.”
Eamonn Maguire, Proton’s head of account security, said: “The volume of exposed accounts among U.S. political staffers is alarming, and the potential consequences of compromised accounts could be severe.
“Vigilance and strict security measures are essential to safeguard personal and national security.”
Proton also said that it would publish more findings over the coming weeks in order to ensure the safety and validity of political systems during the election. The company also contacted all the affected congressional staffers and informed them of the leaks.
Newsweek contacted Proton and the U.S. House of Representatives for further comment.
