Hackers may have stolen hundreds of thousands of Rhode Islanders’ sensitive information in the RIBridges cyberattack

Cyberattacks targeting Rhode Island’s public benefits program were able to obtain sensitive data — including Social Security numbers and other banking information — of hundreds of thousands of people, and they threatened to release it as soon as this week. ‘I didn’t pay the ransom, said Rhode Island governor Dan McKee at a press conference on Saturday night. The Rhode Island government opened a toll-free hotline Sunday (833-918-6603) to provide information about the breach and how residents can protect themselves, but you won’t be able to find out for sure if your data was stolen by calling. Potentially affected individuals will be notified by email.

The attack targeted the RIBridges system, maintained by Deloitte, which is used to apply for Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Assistance Program (CCAP), HealthSource health coverage RI and more. public benefits available to Rhode Islanders. A press release from McKee’s office notes that “any person who received or applied for health care and/or health and human services programs or benefits may be affected by this leak.”

It is believed that the hackers were able to obtain information including names, addresses, dates of birth, Social Security numbers and “other banking information.” Deloitte first noticed the breach and notified government officials on December 5, and determined on the 11th that “it is highly likely that the affected folders contain personally identifiable data from RIBridges.” It confirmed the presence of the malicious code on December 13 and shut down the system, before officials announced the attack to the public the same day.

The program is now offline while Deloitte works to secure it, meaning that anyone who needs to apply for one of the affected programs will have to do so by post, and people who are currently registered will not be able to access the online portal. or operating system. The state said it has so far not found any identity theft or fraud related to the attack, but will provide free credit monitoring to anyone affected by the breach.