Hackers behind a cyberattack that targeted Rhode Island’s Social Security system were able to obtain the sensitive data – including Social Security numbers and some banking information Hundreds of thousands of people, and they have threatened to release it this week if a ransom is not paid, Rhode Island Gov. Dan McKee said in a statement press conference on Saturday evening. The Rhode Island government launched a toll-free hotline (833-918-6603) on Sunday to provide assistance Violation information and how residents can protect themselves, but you can’t find out for sure just by calling whether your information has been stolen. Anyone affected will be notified by post.
The attack targeted the Deloitte-operated RIBridges system used to apply for Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Care Assistance Program (CCAP), HealthSource RI -Health insurance and other public benefits available to Rhode Islanders. A press release from McKee’s office notes that “any individual who has received or applied for health insurance and/or health and human services programs or benefits could be affected by this leak.”
It is believed the hackers were able to obtain information such as names, addresses, dates of birth, social security numbers and “certain banking information.” Deloitte first discovered the breach on December 5, notified state officials and determined on December 11 that there was a “high likelihood that the affected folders contained RIBridges’ personal information.” The company confirmed the presence of malicious code on December 13th and then shut down the system before authorities announced the attack to the public that same day.
The system is now offline while Deloitte works to secure it. This means that anyone who needs to apply for any of the affected programs will have to do so by mail and people who are currently enrolled will not have access to the online portal or app. The state said it has not identified any identity theft or fraud related to the attack so far, but will offer free credit monitoring to anyone affected by the breach.
