Key Takeaways
- No identity theft reports have been filed yet
- The breach affects multiple public assistance programs
- Paper applications are currently the only method for accessing services
Rhode Island’s critical public benefits system, RIBridges, was taken offline Friday after discovering a potentially massive data breach that could impact hundreds of thousands of state residents.
The Breach: What Happened?
Governor Dan McKee revealed that cybercriminals had infiltrated the RIBridges system, threatening to release sensitive personal information collected between 2019 and the present. The breach, first detected by IT vendor Deloitte on December 5th, involves dangerous malware embedded within the system’s computer code.
Potential Data at Risk
The exposed personal information could include:
- Full names
- Home addresses
- Social Security numbers
- Birth dates
- Bank account details
System Impact and Response
The cyberattack has temporarily disabled critical state services, including:
- Medicaid applications
- SNAP (food stamp) registration
- HealthSource RI health insurance exchange access
State officials describe the incident as an “extortion-type activity” rather than a traditional ransomware attack. Brian Tardiff, the state’s Chief Information Officer, emphasizes that the state is working diligently to minimize potential damage.
Immediate Actions for Residents
Rhode Island residents who have used RIBridges since 2019 are advised to:
- Change existing passwords
- Monitor bank accounts for suspicious activity
- Anticipate free credit monitoring instructions via mail
A dedicated call center will be established to assist affected residents, with operations beginning Sunday. The state aims to restore the system before the upcoming healthcare open enrollment period ends January 31st.
