Hackers behind a cyberattack that targeted Rhode Island’s public benefits system were able to get the sensitive data — including Social Security numbers and some banking information — of hundreds of thousands of people, and they have threatened to release it as soon as this week if they aren’t paid a ransom, Rhode Island governor Dan McKee said in a press conference on Saturday night. The Rhode Island government opened a toll-free hotline on Sunday (833-918-6603) to provide information on the breach and how residents can protect themselves, but you won’t be able to find out for sure if your data was stolen by calling in. People who may have been affected will be notified by mail.
The attack targeted the RIBridges system, maintained by Deloitte, which is used to apply for Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Care Assistance Program (CCAP), HealthSource RI healthcare coverage and other public benefits available to Rhode Islanders. A press release from McKee’s office notes that “any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this leak.”
It’s thought the hackers were able to get information including names, addresses, dates of birth, Social Security numbers and “certain banking information.” Deloitte first detected the breach and notified state officials on December 5, and determined on the 11th that there was “a high probability that the implicated folders contain personal identifiable data from RIBridges.” It confirmed the presence of malicious code on December 13 and subsequently shut the system down, before officials announced the attack to the public the same day.
The system is now offline while Deloitte works to secure it, which means that anyone who needs to apply for one of the affected programs will have to do so by mail, and people who are currently enrolled won’t be able to access the online portal or app. The state said it so far hasn’t detected any identity theft or fraud relating to the attack, but it will be offering free credit monitoring to anyone affected by the breach.
