A service that sells personal data to identity thieves has been getting its wares from hacked data brokers storing information similar to what Obamacare marketplaces plan to use, setting the scene for fraudsters to collect government subsidies. 

According to a new investigative report by cybersecurity researcher Brian Krebs, the service, known as SSNDOB, hacked LexisNexis and other large data aggregators that supply ID check information.

Lenders, health insurers, and other organizations that need to confirm who they are dealing with use this information for knowledge-based authentication -- screening that quizzes a user about information only the valid user is likely to know, such as a former home address or parent’s middle name.

"They also have a bunch of bogus questions that they can serve up to see if you really are who you say you are," explains Gartner identity fraud analyst Avivah Litan, who, in a blog post, raised alarms about the impact of the data broker hacks on Obamacare implementation.