News Summary
Rhode Island’s health services system, RIBridges, experienced a significant cyberattack leading to a data breach affecting over 650,000 residents. The ransomware group ‘Brain Cipher’ demanded a $23 million ransom. Following non-compliance, sensitive information was leaked on the dark web. The state is offering affected individuals credit monitoring services and has launched a public outreach campaign to help protect personal data. Ongoing efforts focus on assessing the extent of the breach and restoring public-facing services.
Providence, Rhode Island – A significant cyberattack targeting Rhode Island’s health services system, known as RIBridges, has resulted in a major data breach, with the personal information of over 650,000 residents being released on the dark web. The attack, which began on December 5, 2024, was confirmed to be a ransomware incident by December 10, leading state officials to anticipate data leaks if ransom demands were not met.
The ransomware group identified as “Brain Cipher” demanded a ransom of $23 million in cryptocurrency. Following the refusal to comply with these demands, cybercriminals proceeded to publish sensitive files on the dark web. Deloitte, the state’s IT vendor, has acknowledged that some of the data from the RIBridges system was indeed leaked.
The compromised personal information encompasses names, addresses, Social Security numbers, and employment details of affected Rhode Islanders. This breach is particularly concerning as it has implications for individuals utilizing various state benefits programs, including Medicaid, SNAP, and Temporary Assistance for Needy Families, which serve over 300,000 residents annually and account for more than 40% of the state budget, approximately $3.1 billion.
In response to the breach, the state began mailing individual notification letters to those affected from January 10, 2025. These letters include information about five years of complimentary credit monitoring services through Experian, along with instructions on how to enroll, with a deadline set for April 30, 2025. Additionally, a call center has been established to provide assistance to individuals impacted by the data breach.
State officials, including Governor Dan McKee, are taking the situation seriously and are aware of the potential risks for identity theft due to the leaked information. Measures have been taken to mitigate the security threat, and officials anticipate that public-facing services of the RIBridges system will be restored by mid-January 2025 through a phased approach.
To cover the expenses incurred as a result of the ransomware attack, Deloitte has agreed to pay $5 million to the state. This agreement includes provisions for the credit monitoring and identity theft protection services for affected individuals. Ongoing analyses by Deloitte are aimed at assessing the full scope of the data leak.
The RIBridges system was temporarily taken offline upon detecting the significant security threat. Communication between state officials and the Brain Cipher group regarding the situation is reportedly ongoing as the investigation unfolds and efforts to understand the extent of the released data continue.
As a precautionary measure, the Rhode Island Department of Administration has initiated a public outreach campaign, educating residents on steps to protect their personal information. This includes the use of multifactor authentication, recommendations for credit monitoring, and the importance of setting up fraud alerts.
As the investigation progresses, state officials are focusing on ensuring the security of sensitive data and restoring essential services to Rhode Islanders who depend on these state-administered benefits. This incident underscores the increasing vulnerabilities faced by public sector institutions and the necessity for robust cybersecurity measures moving forward.
Deeper Dive: News & Info About This Topic
- StateScoop: Rhode Island Benefits System Cyberattack
- Wikipedia: Cybersecurity
- HIPAA Journal: Rhode Island RIBridges System Hack
- Google Search: Rhode Island cyberattack
- IBM: Ransomware Attack on Rhode Island Health System
- Google Scholar: Rhode Island cyberattack
- New York Times: Cyberattack on Rhode Island RIBridges
- Encyclopedia Britannica: Cybersecurity
Author: STAFF HERE PROVIDENCE WRITER
PROVIDENCE STAFF WRITER The PROVIDENCE STAFF WRITER represents the experienced team at HEREProvidence.com, your go-to source for actionable local news and information in Providence, Providence County, and beyond. Specializing in "news you can use," we cover essential topics like product reviews for personal and business needs, local business directories, politics, real estate trends, neighborhood insights, and state news affecting the area—with deep expertise drawn from years of dedicated reporting and strong community input, including local press releases and business updates. We deliver top reporting on high-value events such as WaterFire, Rhode Island International Film Festival, and Rhode Island Comic Con. Our coverage extends to key organizations like the Greater Providence Chamber of Commerce and Providence Warwick Convention & Visitors Bureau, plus leading businesses in finance and manufacturing that power the local economy such as Citizens Financial Group and Textron. As part of the broader HERE network, we provide comprehensive, credible insights into Rhode Island's dynamic landscape.
