News Summary
Rhode Island’s RIBridges system suffered a cyberattack affecting 644,401 individuals, prompting state officials to take immediate action. The breach, attributed to the Brain Cipher group, involved unauthorized access and data exfiltration over several months. While notifications have been sent to affected individuals, concerns about identity theft and personal data misuse persist. Deloitte, managing RIBridges, has committed $5 million to assist with the situation, including credit monitoring services for five years. Investigations are ongoing to assess the full extent and consequences of the attack.
Rhode Island has announced the results of a third-party analysis revealing that a recent cyberattack on the RIBridges system has affected approximately 644,401 individuals. Conducted by the cybersecurity firm CrowdStrike, the analysis confirms significant breaches in the state-managed system that administers essential social services, including health insurance and food stamps.
The cyberattack, attributed to the Brain Cipher cyberthreat group, prompted immediate actions from the state. On December 5, 2024, Deloitte, the company responsible for managing RIBridges, alerted state officials about a potential security threat. Following the confirmation of the breach, RIBridges was temporarily taken offline to prevent further unauthorized access.
Identified methods of the cyberthreat actor included the use of unauthorized credentials from Deloitte, which allowed access to the RIBridges system starting on July 2, 2024. Investigators noted that although CrowdStrike could not establish how those credentials were compromised or if multi-factor authentication was bypassed, the attacker initiated remote desktop sessions across six other systems linked to RIBridges, escalating privileges and utilizing remote monitoring tools throughout the month of July.
The data exfiltration continued until November 2024, affecting 28 systems overall. No evidence of ransomware was identified, which suggests that the motives behind the attack may not have involved direct financial extortion through that means. The last confirmed access to the RIBridges environment occurred on November 28, 2024.
In response to the breach, notification letters have been sent to nearly 650,000 individuals, with the state working diligently to inform those affected. As the analysis progressed, it was determined that around 114,000 of those notified were not actually impacted by the data breach. Furthermore, an additional 107,000 individuals were identified as being affected but had not yet received notification.
To help mitigate the impact of this incident, Deloitte has agreed to contribute $5 million to Rhode Island for expenses related to the breach. This financial commitment includes funding for credit monitoring services provided for a period of five years to those affected. Notifications about these services began mailing out on January 10, 2025. The state is also exploring options for modernizing the RIBridges system to prevent future occurrences.
The RIBridges system is significant for the state, processing services for over 300,000 Rhode Islanders annually. The cyberattack’s broad impact has raised serious concerns about potential identity theft and the misuse of personal data, prompting ongoing investigations into how many more individuals may eventually be found susceptible to data compromise.
As the situation develops, state officials remain focused on transparency and addressing the needs of those affected. With investigations underway, additional findings are expected to emerge over time, providing further clarity regarding the extent and consequences of the cyberattack on Rhode Island’s social services framework.
Deeper Dive: News & Info About This Topic
- TechTarget: Rhode Island RIBridges Hack Investigation
- StateScoop: Rhode Island Benefits System Cyberattack
- Cybersecurity Dive: Rhode Island Social Services Breach
- HIPAA Journal: Rhode Island RIBridges System Hack
- Google Search: Rhode Island RIBridges cyberattack
