Rhode Island is grappling with a serious cyber threat as hackers have targeted the state’s social services portal, endangering the personal data of residents reliant on programs for health insurance and various forms of social support.
State officials are currently weighing options for a potential ransom payment to the attackers.
Security Breach Details
On December 13, Governor Dan McKee provided an update after being informed by the state’s contractor, Deloitte, of a major security breach affecting the RIBridges system.
This incident has the potential to impact anyone who has sought or received health-related services since 2016, putting a vast number of applicants at risk.
By Saturday night, officials within the McKee administration raised alarms about the imminent danger of personal information being disclosed as soon as this week.
Deloitte’s cybersecurity experts are in talks with the criminals to determine any ransom they might demand.
The governor has stressed the critical nature of the situation.
Investigation and Response
Deloitte first identified troubling signs of a cyber threat against RIBridges on December 5.
Initially, it was unclear whether sensitive information had been accessed, prompting alerts to both federal law enforcement and the Rhode Island State Police.
As investigations progressed, Deloitte confirmed a strong likelihood that cybercriminals had indeed accessed files containing personally identifiable information.
The leaked data may include names, addresses, birth dates, Social Security numbers, and potentially some financial details.
In light of the situation’s urgency, the governor chose to keep details under wraps until the team could effectively secure the RIBridges system.
An immediate investigation was launched to evaluate the breach’s scope and the method of attack.
Deloitte discovered malicious code within the system and has since implemented heightened security measures.
Consequently, the RIBridges portal has been taken offline to enable teams to handle the threat more effectively.
Impact on Services and Support
The RIBridges system serves as a vital gateway for numerous services, including Medicaid, SNAP (Supplemental Nutrition Assistance Program), TANF (Temporary Assistance for Needy Families), Child Care Assistance, Health coverage through HealthSource RI, Rhode Island Works, Long-Term Services and Supports, and public assistance programs.
At present, users are unable to access their accounts via the portal or mobile app; however, they can still submit benefit applications using paper forms.
In response to the breach, the state is proactively notifying households that may be affected about free credit monitoring services.
Notifications are being sent through mail, email, and text messages.
Additionally, a dedicated call center has been established to handle inquiries, reachable at 833-918-6603.
Although state officials have yet to uncover instances of identity theft or fraud related to this incident, they encourage residents to remain vigilant and monitor their accounts for any unauthorized actions.
Furthermore, citizens are advised to consider placing a credit freeze or fraud alert with major credit agencies, update frequently used passwords, and consult their banks for enhanced security measures.
For ongoing updates about the RIBridges hacking incident, residents can visit the state’s dedicated website at cyberalert.ri.gov.
Source: Insurancejournal.com
