Thousands of Rhode Island citizens have data stolen after social services hit by cyberattack

6 days ago 3
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
(Image credit: Shutterstock / janews)

  • RIBridges benefits system has been hit by a cyberattack
  • The attacker shared images of the compromised systems with Deloitte
  • PII and banking information has likely been stolen in the attack

A cyberattack which hit the RIBridges system may have compromised the data of thousands of Rhode Island citizens who have applied for, or are on, a range of health coverage, human services, or benefit programs.

Rhode Island Governor Dan McKee confirmed the breach, noting in a statement posted on the Governor’s official site in response to the “major security threat,” the RIBridges system has been taken down, with all those seeking to apply for benefits needing to do so on paper.

The attack likely occurred on December 5, according to the statement, with the system subsequently being taken down on December 13, with the confirmation statement being issued on December 14.

Benefits services hit, personal data stolen

The states’ vendor, Deloitte, informed the Rhode Island governor there was a “high probability” that the attacker had successfully exfiltrated the personally identifiable information (PII) of thousands of people belonging to a number of benefits programs, including:

  • Medicaid
  • Supplemental Nutrition Assistance Program (SNAP)
  • Temporary Assistance for Needy Families (TANF)
  • Child Care Assistance Program (CCAP)
  • Health coverage purchased through HealthSource RI
  • Rhode Island Works (RIW)
  • Long-Term Services and Supports (LTSS)
  • General Public Assistance (GPA) Program

At the time of the attack, Deloitte notified federal authorities about a potential cyberattack against the RIBridges system. On December 10, Deloitte received a screenshot of internal RIBridges files from the attacker, confirming that the breach had likely resulted in the theft of PII. Deloitte further confirmed the presence of malicious code within the RIBridges system, resulting in the shutdown of the service.

The PII may include names, addresses, dates of birth and Social Security numbers, Deloitte stated, with potential compromise of certain banking information, but nothing has been confirmed as of yet. No one has come forward to claim responsibility for the attack, and no PII from the attack has been spotted online yet.

The governor’s statement recommended that RIBridges customers remain vigilant and be on the lookout for potential fraud and suspicious banking transactions, change passwords in line with cyber hygiene standards, and those affected should contact their bank for further recommendations on account security.

A multilingual customer hotline has been set up in a collaborative effort between Deloitte and Experian, with affected citizens being contacted to provide free credit monitoring services. Subsequent updates on the attack can be found here.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

You might also like

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Read Entire Article