Clement Brako Akomea Table of Contents
The State of Rhode Island is addressing a significant RIBridges system cybersecurity breach that has potentially exposed the ‘personal’ information of residents applying for health and human services programs.
Governor Dan McKee and his Administration, along with Deloitte, the vendor managing RIBridges, are working tirelessly to mitigate the damage and secure the system.
Here’s everything you need to know about the breach, its impact, and what steps you should take to protect yourself.
Key Takeaway to RIBridges System Cybersecurity Breach
- The RIBridges system cybersecurity breach could affect individuals who have applied for benefits through state programs.
Details of the RIBridges System Cybersecurity Breach
What Happened?
On December 13, 2024, Deloitte notified Rhode Island officials of a significant security threat to the RIBridges system, leading to its immediate shutdown.
This breach, believed to be the result of a cyberattack, involves a high likelihood of unauthorized access to personally identifiable information (PII).
Timeline of the Incident
| Date | Event |
|---|---|
| December 5 | Potential cyberattack on RIBridges reported by Deloitte. |
| December 10 | Hacker sent screenshots of compromised data folders to Deloitte. |
| December 11 | Confirmation of likely PII breach within these folders. |
| December 13 | Malicious code found in the system; RIBridges shut down to mitigate the threat. |
Federal law enforcement, Rhode Island State Police, and state IT departments are actively investigating.
Who Is Affected?
Any individual who has applied for or received benefits through RIBridges may be impacted. This includes users of programs such as:
- Medicaid
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
- Child Care Assistance Program (CCAP)
- HealthSource RI health coverage
- Rhode Island Works (RIW)
- Long-Term Services and Support (LTSS)
- General Public Assistance (GPA)
Personal data at risk may include names, addresses, Social Security numbers, dates of birth, and certain banking information.
Steps You Should Take Immediately
If you are a potential victim of the RIBridges system cybersecurity breach, follow these steps to protect your identity:
- Freeze Your Credit:
- Visit USA.gov Credit Freeze Guide for detailed instructions.
- Contact the three major credit bureaus to place a fraud alert.
- Monitor Financial Accounts:
- Review recent transactions for any unauthorized activity.
- Contact your bank for advice on enhancing account security.
- Update Passwords:
- Use strong, unique passwords for all accounts.
- Consider using a password manager for added safety.
- Enroll in Free Credit Monitoring:
- Affected households will receive a letter from the State with instructions for accessing credit monitoring services.
- Stay Informed:
- Check for updates on the breach and response efforts at RIBridges Alerts.
How Is the State Responding?
To address the breach, the State has taken the following actions:
- System Shutdown: RIBridges has been taken offline to mitigate further risks.
- Enhanced Security: Deloitte implemented additional protections to secure the system.
- Investigation: Federal and state authorities are collaborating on an ongoing investigation.
- Support for Affected Individuals: A dedicated call center opens on December 15 to assist those impacted by the breach.
| Call Center Details | |
|---|---|
| Launch Date | December 15, 2024 |
| Hours of Operation | Sunday: 11 a.m.–8 p.m.; Weekdays: 9 a.m.–9 p.m. EDT |
| Contact Info | Will be updated on the RIBridges Alerts page. |
Lessons from Past Cybersecurity Incidents
This breach highlights the growing threat of cyberattacks on government systems.
Similar incidents, like the 2020 SolarWinds attack, demonstrate how malicious actors exploit vulnerabilities to steal sensitive data and disrupt services. In the SolarWinds case, hackers accessed the systems of major U.S. agencies.
About RIBridges
RIBridges is Rhode Island’s integrated eligibility system for health and human services programs. Managed by Deloitte, it processes applications for essential benefits, including Medicaid and SNAP.
Rounding Up
The RIBridges system cybersecurity breach is a sobering reminder of the need for robust security in digital systems.
While the State and Deloitte are working to resolve this incident, residents must remain vigilant by taking steps to protect their personal information.
Remember, staying informed and proactive is your best defense against potential identity theft.
FAQs
What is the RIBridges system?
- It is Rhode Island’s platform for managing applications for benefits like Medicaid and SNAP.
What data was potentially compromised?
- Names, addresses, Social Security numbers, dates of birth, and some banking information.
How can I protect myself?
- Freeze your credit, monitor accounts, and update passwords.
Will impacted individuals receive help?
- Yes, free credit monitoring will be provided to affected households.
Where can I find updates?
- Visit the official RIBridges Alerts page for the latest information.
