(NextGov) A service that sells personal data to identity thieves has been getting its wares from hacked data brokers storing information similar to what Obamacare marketplaces plan to use, setting the scene for fraudsters to collect government subsidies.

According to a new investigative report by cybersecurity researcher Brian Krebs, the service, known as SSNDOB, hacked LexisNexis and other large data aggregators that supply ID check information.

Lenders, health insurers, and other organizations that need to confirm who they are dealing with use this information for knowledge-based authentication — screening that quizzes a user about information only the valid user is likely to know, such as a former home address or parent’s middle name.

Note: Read our discussion guidelines before commenting.