On Saturday, hundreds of thousands of Rhode Island residents may have had their personal and financial information exposed in a major ransomware attack targeting the state’s government assistance system, state officials announced. Hackers have demanded a ransom, threatening to release the stolen data unless their demands are met, according to state officials.
Here’s What Happened
This week, a cyberattack had struck Rhode Island’s online portal for social services, known as RIBridges. The breach concerns the users of state assistance programs such as Medicaid, Supplemental Nutrition Assistance Program, Temporary Assistance for Needy Families, and more.
The Governor Dan McKee’s office confirmed that there was an attack on the system after Deloitte, the system’s vendor, validated the breach on Friday.
“Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges,” the governor’s office said in a statement.
What DATA was stolen?
The exposed information includes sensitive details such as social security numbers, banking details and personal information of residents who have applied for or received benefits since 2016.
The compromised programs include:
- Medicaid
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
- Child Care Assistance Program (CCAP)
- Health coverage purchased via HealthSource RI
- Rhode Island Works (RIW)
- Long-Term Services and Supports (LTSS)
- General Public Assistance (GPA)
How has the state responded?
The state instructed Deloitte to temporarily shut down the RIBridges system while investigating and mitigating the threat. It also instructed that until the system is restored, new applications for assistance programs must be submitted via paper forms.
Governor McKee assured Rhode Islanders that his administration is treating the breach as a top priority. “Addressing the cybersecurity breach of the RI Bridges system is a top priority for my administration. We’re working with law enforcement and IT experts. We’ll continue to keep Rhode Islanders updated,” he said in a post on X.
Addressing the cybersecurity breach of the RIBridges system is a top priority for my Administration. We’re working with law enforcement and IT experts. We’ll continue to keep Rhode Islanders updated.
For the latest information and security tips visit https://t.co/ZwZAzPtnMJ
— Governor Dan McKee (@GovDanMcKee) December 14, 2024
Cybersecurity experts and law enforcement agencies are working together to investigate the breach and assess its scope. The hackers, identified as an international cybercriminal group, have demanded an undisclosed ransom, threatening to release the stolen data if their demands are not met.
Who was affected?
The breach has the potential to affect anyone who applied for or received some benefits through the affected programs since 2016. The officials estimate that hundreds of thousands of residents might be at risk. Those households believed to be affected will receive letters from the state with information about the breach, including instructions on how to safeguard their data and secure bank accounts.
The breach has also raised concerns about the safety of government-managed systems and the vulnerability of sensitive data. This is among the most significant ransomware attacks on Rhode Island’s infrastructure, which indicates how risky cyberattacks on public institutions are becoming.
Residents are reminded to check their bank accounts and credit reports, as well as any communications from state officials to protect their personal information during this period.
