Rhode Island Government Hit by Cyber-Attack
A major data breach compromised personal information of thousands of Rhode Island residents, including Social Security numbers and financial data.
State Services Temporarily Disrupted
RIBridges, the state’s public assistance system, was shut down, forcing residents to rely on paper applications for Medicaid, SNAP, and TANF benefits.
Free Credit Monitoring Offered
Affected individuals will receive notifications and free credit monitoring services as part of the state’s response to mitigate identity theft risks.
News > Cyber-attacks > Ransomware by Kevin Wood
Rhode Island Government Faces Major Cybersecurity Breach: Personal Data of Residents Compromised
Major Breach in Rhode Island
In early December 2024, the State of Rhode Island experienced a significant cybersecurity breach that compromised the personal and financial information of hundreds of thousands of residents. The attack targeted RIBridges, the state’s online portal for public assistance programs, including Medicaid, the Supplemental Nutrition Assistance Program (SNAP), and Temporary Assistance for Needy Families (TANF). The breach was confirmed by Deloitte, the vendor managing RIBridges, on December 13, 2024.
Details of the Breach
The cybercriminal group responsible for the attack has demanded a ransom to prevent the release of the stolen information, which includes Social Security numbers and bank account details. Governor Dan McKee’s office stated that anyone who has applied for or received benefits through the affected programs since 2016 could be impacted.
Upon confirmation of the breach, Deloitte shut down the RIBridges system to mitigate the threat. As a result, new applicants for state assistance programs are required to use paper forms until the system is restored. The state has initiated efforts to notify affected individuals, who will receive letters detailing steps to protect their data and bank accounts.
State Response and Measures
In response to the breach, the Rhode Island Department of Human Services has provided paper applications and instructions on their website to ensure continuity of services for residents. A dedicated call center has been established to assist those affected, and the state plans to offer free credit monitoring services to individuals whose information may have been compromised.
Attorney General Peter F. Neronha emphasized the importance of vigilance following the breach, advising residents to monitor their accounts for unauthorized activity, change any common or reused passwords, and consider contacting credit bureaus to freeze their credit or place a fraud alert.
Implications and Future Outlook
This incident underscores the vulnerabilities in digital infrastructure, particularly in systems handling sensitive personal information. The Rhode Island government has been proactive in addressing cybersecurity threats; notably, on December 9, 2024, the White House announced that Rhode Island would be the first state to implement Protective Domain Name Service (PDNS) cybersecurity measures across all K-12 public schools by the end of the school year. This initiative aims to prevent ransomware and other cyberattacks by blocking access to malicious websites.
The recent breach highlights the necessity for robust cybersecurity measures across all state systems. As Rhode Island works to restore the RIBridges system and protect its residents’ data, the state is likely to reevaluate and strengthen its cybersecurity protocols to prevent future incidents.
The cyberattack on Rhode Island’s RIBridges system has had a profound impact on the state’s residents, particularly those relying on public assistance programs. The state’s swift response in shutting down the compromised system, notifying affected individuals, and providing alternative application methods demonstrates a commitment to mitigating the breach’s effects. However, this incident serves as a stark reminder of the evolving cyber threats facing government infrastructure and the critical importance of implementing comprehensive cybersecurity measures to safeguard sensitive information.
State Resources for Affected Residents
- Credit Monitoring Registration: Visit ri.gov/databreach2024 for details on signing up for free credit monitoring.
- Protect Yourself: Steps to minimize risks:
- Monitor your bank accounts for unauthorized activity.
- Change all passwords, especially if reused on multiple sites.
- Consider freezing your credit through major bureaus like Equifax, Experian, and TransUnion.
Key Programs Affected
- Medicaid
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
Cybersecurity Quick Tips
Stay vigilant:
- Avoid clicking unknown email links.
- Enable two-factor authentication where possible.
- Regularly update software and antivirus programs.
Contact BBG today to find out how we can help your organization. Email cybersecurity@bbg-mn.com to schedule a demo!