Photo credit: www.yahoo.com
Rhode Island’s public benefits computer system has been taken offline after a cyber attack that may have compromised the personal data of numerous residents, according to Governor Dan McKee.
Deloitte, the IT firm responsible for the state’s computer system, RIBridges, reported the initial signs of a breach to state authorities and law enforcement on December 5. Subsequently, the attackers provided screenshots that displayed personal data files to the vendor.
Governor McKee announced the shutdown of the system late Friday afternoon after Deloitte identified malicious software within the RIBridges code that posed a significant risk.
“Today, we confirmed that a cybercriminal had infiltrated the Rhode Island Bridges system and installed harmful malware which represents an immediate threat,” McKee stated during a press briefing. “Consequently, we have shut down the system, meaning that users will currently be unable to access the customer portal for any services related to Rhode Island Bridges.”
The attackers have threatened to disclose sensitive information, including names, addresses, birthdates, Social Security numbers, and banking details, as indicated by Brian Tardiff, the state’s Chief Information Officer.
More: Truck tolls are legal, but turning them back on won’t be a quick fix. Here’s why
The extent of the breach’s impact remains uncertain, particularly regarding the number of households affected. As of late Friday, there had been no reports of identity theft linked to this incident.
However, officials are urging anyone who has applied for benefits through the system since 2019 to update their passwords and keep an eye on their bank statements for any unusual activity.
“I understand this is distressing,” McKee expressed during the conference. “Both Deloitte and the state are collaborating with law enforcement and cybersecurity experts to mitigate any repercussions for the residents of Rhode Island.”
Why did the state keep the breach secret for a week?
Governor McKee noted that he was made aware of the breach shortly after it was discovered on December 5, but the state chose to withhold information until they could validate the breach and prevent further exposure of personal data.
“Deloitte informed us that a cybercriminal group claimed to possess one terabyte of sensitive data and was demanding a ransom to prevent its release,” Tardiff explained. “Initially, we were uncertain about the authenticity of these claims from the attackers, and we delayed taking action to avoid inciting additional harm.”
More: Drug kingpin’s family ties to Providence police raise questions before sentencing
Tardiff refrained from disclosing the ransom amount or whether any payment had been made.
Although harmful code has been identified, Tardiff clarified that this incident did not constitute a traditional ransomware attack, where hackers threaten to disable a system unless demands are met, but rather an extortion scheme to leak personal information.
“This type of activity leans more towards extortion by these cybercriminals,” he stated.
He also confirmed that no breaches had been identified in other state computer systems.
What is RIBridges?
Initially launched in 2016 as the Unified Health Infrastructure Project, RIBridges is a comprehensive system designed to facilitate eligibility assessments for a variety of public assistance programs.
The portal provides access to:
Supplemental Nutrition Assistance Program (SNAP)
Temporary Assistance for Needy Families
Child Care Assistance Program
The HealthSource RI health insurance exchange
Long-Term Services and Supports
General Public Assistance
As the system is currently down, individuals seeking to apply for benefits must do so via paper applications.
Households whose personal information may have been compromised will receive correspondence from the state detailing how to obtain complimentary credit monitoring services.
Additionally, the state plans to establish a dedicated call center for affected individuals.
According to State Human Services Director Kimberly Merolla-Brito, the goal is to restore the system ahead of the next scheduled benefit cycle in January.
This incident coincides with the open enrollment period for HealthSource RI, the state’s health insurance exchange.
This story has been updated with new information.
This article originally appeared on The Providence Journal: RI computer network cyberattack forces shutdown of public benefits system
Source
www.yahoo.com