The hackers behind a major cyberattack that hit the State of Rhode Island's online system for delivering health and human service benefits have released some residents' files to a site on the dark web, state officials announced Monday.
"Unfortunately, Deloitte has informed us that the cybercriminal released at least some RIBridges files to a site on the dark web," a release from Gov. Dan McKee's office said. "This is a scenario that the State has been preparing for, which is why earlier this month we launched a statewide outreach strategy to encourage potentially impacted Rhode Islanders to protect their personal information."
They said IT teams are working to analyze the released files, and while they don't yet know the scope of the data included in those files, they are assuming that data contained in the RIBridges system has been compromised.
McKee and other state officials are scheduled to hold a press conference at 1:30 p.m. Monday to address the matter.
Anyone who has been involved in Medicaid, the Supplemental Nutrition Assistance Program known as SNAP, Temporary Assistance for Needy Families, Childcare Assistance Program, Rhode Island Works, Long-term Services and Supports and health insurance purchased through HealthSource RI may be impacted, officials have said. The RIBridges system was taken offline earlier this month after the state was informed by its vendor, Deloitte, that there was a major security threat to the system.
The governor had warned earlier this month that the people behind the cyberattack were threatening to release personal data of many Rhode Islanders. He said the hackers were demanding a ransom, but refused to elaborate.
About 650,000 people are believed to have been impacted by the cyberattack, but the state said it is still working with Deloitte to generate a list of impacted individuals. Once they have that information, letters will be sent to those individuals with instructions on how to access free credit monitoring.
"We understand that this situation is concerning, and we appreciate Rhode Islanders' patience as we continue to navigate this challenge together," the governor's office said in Monday's release.
While the data has been compromised, officials said that does not mean it has been used for identity theft purposes yet. But they are urging residents who might have been impacted to take the following steps to protect their financial information:
- Freeze your credit: Reach out to all three credit reporting agencies to freeze your credit. This is free and means no one else can take out a loan or establish credit in your name. You won’t lose access to your money or credit cards. You can lift the freeze at any time.
- Monitor your credit: Contact one of the three credit reporting agencies to order a free credit report. You can also access a free credit report through AnnualCreditReport.com.
- Request a fraud alert: Ask one of the credit reporting agencies to place a fraud alert on your files. This is free and lets creditors know to contact you before any new accounts can be opened in your name. Asking one agency to do this will cover this step for all three agencies.
- Use multi-factor authentication: This means instead of having just one password to access your information, you have a safety backup to help prove that it’s really you before you can log into your account.
- Be aware: Because of the breach, you may receive fake emails, phone calls or texts that look legitimate. Remember, never share personal information – such as your social security number, date of birth or password – through an unsolicited e-mail, call or text.
The state has also contracted with Experian to run a toll-free hotline for Rhode Islanders to call to get information about the breach and how they can protect their data. The call center is open Mondays through Fridays from 9 a.m. to 9 p.m. and Saturdays and Sundays from 8:30 a.m. to 7 p.m. at 833-918-6603. The call center will not be open on New Year's Eve or New Year's Day.
The latest updates on the situation and information on how to reach credit reporting agencies are available online at cyberalert.ri.gov. You can also find information on how to protect minors.
