Hackers may have stolen hundreds of thousands of Rhode Island residents’ sensitive information in a RIBridges cyberattack

The hackers behind the cyberattack targeting Rhode Island’s public benefits system were able to obtain sensitive data — including Social Security numbers and some banking information — private. Hundreds of thousands Rhode Island Governor Dan McKee said in a press release that they threatened to release them this week if they did not receive a ransom. press conference Saturday night. The Rhode Island government opened a toll-free hotline Sunday (833-918-6603) to provide assistance. Information about the violation How residents can protect themselves, but you won’t be able to know whether your data has been stolen by calling or not. People who may be affected will be notified by mail.

The attack targeted the RIBridges system, operated by Deloitte, which is used to apply for Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Care Assistance Program (CCAP), HealthSource RI health care coverage and others. Public benefits available to Rhode Island residents. Press release from Maki’s office “Any individual who obtained or applied for health coverage and/or Health and Human Services programs or benefits could be affected by this leak,” it notes.

It is believed the hackers were able to obtain information including names, addresses, dates of birth, social security numbers and “certain banking information.” Deloitte first discovered the breach and notified state officials on December 5, determining on December 11 that there was a “high probability that the folders involved contain personally identifiable data from RIBridges.” It confirmed the presence of the malicious code on December 13 and subsequently shut down the system, before officials announced the attack to the public on the same day.

The system is now offline while Deloitte works to secure it, meaning anyone who needs to apply for one of the affected programs will have to do so by mail, and people currently registered will not be able to access the online portal or app. The state said it has not yet detected any identity theft or fraud in connection with the attack, but will provide free credit monitoring to anyone affected by the breach.